Greenbone Vulnerability Management

PPA description

Greenbone Vulnerability Management version 11 (GVM-11) is the current stable major release of tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution. GVM is developed for and as part of the commercial product line Greenbone Security Manager. It is developed by Greenbone and licenced as Open Source.

More info at: https://community.greenbone.net/

** NEW **
A set of docker images based on this PPA are avialble at docker hub. It could be used to setup GVM on any distribution of GNU/Linux.
More info: https://github.com/admirito/gvm-containers

===

To install the Greenbone Vulnerability Management 11 packages on Ubuntu 20.04 Focal Fossa first you need to install PostgreSQL database server (if you don't already have one--it could also be installed on a remote machine):

sudo apt install postgresql

Then use the following commands to install GVM:

sudo add-apt-repository ppa:mrazavi/gvm
sudo apt install gvm

Finally, you have to update the greenbone nvt/cert/scap data with these commands:

greenbone-nvt-sync
sudo greenbone-scapdata-sync
sudo greenbone-certdata-sync

You can access the Greenbone Security Assistant web interface at:

https://localhost:9392

(The port number has changed according to the upstream in the new version and the old 4000 port number is no longer the default)

The default username/password is as follows:

Username: admin
Password: admin

You can check the status of greenbone daemons with systemctl:

systemctl status ospd-openvas # scanner
systemctl status gvmd # manager
systemctl status gsad # web ui

A note for GVM 10 users:

GVM-10 supported both SQLite and PostgreSQL as database backend for gvmd. Unfortunately GVM-11 only supports PostgreSQL, so if you are using SQLite backend, you have to migrate to PostgreSQL. More info is available on https://github.com/greenbone/gvmd/blob/v9.0.0/INSTALL.md#migrating-from-sqlite-to-postgresql

Another new change in GVM-11 is that openvas-scanner package is now renamed to openvas. The new openvas package doesn't provide a daemon. Instead there is a new ospd-openvas package/daemon which executes openvas binary and gvmd connects to ospd-openvas with OSP protocol to perform the vulnerability scans.

Finally, if you were using PostgreSQL backend with GVM-10 it is worth noting that gvmd package will migrate the database automatically for you. But if you have problems with the database you can run the following commands to do it manually:

. /etc/default/gvmd
gvmd --migrate

And if gvmd is complaining it cannot connect to openvas it maybe because the scanner defined in the database is outdated. You can always recreate a new database with:

# IMPORTANT NOTE: if you choose to reinstall the database the old database
# will be deleted and you will loose the associated data
# e.g. all the scans, reports, etc. WILL BE DELETED.
sudo dpkg-reconfigure gvmd-pg

Also GVM 10 nvticache in the redis is not compatible with GVM 11 so you have to flush the cache in the redis after upgrading the GVM:

sudo redis-cli -s /var/run/redis/redis.sock FLUSHALL

A note for OpenVAS 9 users:

The new gvm-10 packages of this PPA are not compatible with openvas-9 series. To upgrade from openvas-9 to gvm-10, you have to first backup your data, most importantly the "mgr" directory containing the tasks.db database located at /var/lib/openvas/mgr; then purge the old packages with the following commands:

sudo systemctl stop openvas-manager
mkdir ~/openvas-backup
sudo cp -a /var/lib/openvas ~/openvas-backup/lib
sudo cp -a /etc/openvas ~/openvas-backup/etc

sudo apt purge 'openvas9*' 'libopenvas9*'
sudo rm -rf /var/log/openvas /var/lib/openvas /var/cache/openvas/

Then, you can install gvm-10 with the previous instructions of the PPA. Finally you can restore the tasks.db by the following commands:

sudo systemctl stop gvmd
sudo rm -f /var/lib/gvm/gvmd/gvmd.db*
echo .dump | sudo sqlite3 ~/openvas-backup/lib/mgr/tasks.db | \
             sudo sqlite3 /var/lib/gvm/gvmd/gvmd.db
sudo gvmd --migrate
sudo systemctl start gvmd

For more information read the gvmd manual at: https://github.com/greenbone/gvmd/blob/v8.0.0/INSTALL.md#migrating-to-version-80

Adding this PPA to your system

You can update your system with unsupported packages from this untrusted PPA by adding ppa:mrazavi/gvm to your system's Software Sources. (Read about installing)

sudo add-apt-repository ppa:mrazavi/gvm
sudo apt-get update
        
Technical details about this PPA

This PPA can be added to your system manually by copying the lines below and adding them to your system's software sources.

Display sources.list entries for:
deb http://ppa.launchpad.net/mrazavi/gvm/ubuntu YOUR_UBUNTU_VERSION_HERE main 
deb-src http://ppa.launchpad.net/mrazavi/gvm/ubuntu YOUR_UBUNTU_VERSION_HERE main 
Signing key:
1024R/CF38C8D889ADEAC0265E36983C453D244AA450E0 (What is this?)
Fingerprint:
CF38C8D889ADEAC0265E36983C453D244AA450E0

For questions and bugs with software in this PPA please contact Mohammad Razavi.

PPA statistics

Activity
6 updates added during the past month.
View package details

Overview of published packages

124 of 24 results
Package Version Uploaded by
gsa 9.0.1-4 Mohammad Razavi (2020-07-22)
gsa 9.0.0-1 Mohammad Razavi (2019-11-06)
gsa-nodejs-build-dependencies 2.0.1.2 Mohammad Razavi (2020-05-29)
gsa-nodejs-build-dependencies 2.0.0 Mohammad Razavi (2019-10-29)
gvm-libs 11.0.1-2 Mohammad Razavi (2020-05-29)
gvm-libs 11.0.0-1 Mohammad Razavi (2019-11-06)
gvm-tools 2.1.0-1 Mohammad Razavi (2020-05-29)
gvm-tools 2.0.0-1 Mohammad Razavi (2019-10-29)
gvmd 9.0.1-2 Mohammad Razavi (2020-07-22)
gvmd 9.0.0-1 Mohammad Razavi (2019-11-06)
openvas 1:7.0.1-2 Mohammad Razavi (2020-07-19)
openvas 1:7.0.0-2 Mohammad Razavi (2019-11-06)
openvas-scanner 6.0.0-3 Mohammad Razavi (2019-05-11)
openvas-smb 1.0.5-2 Mohammad Razavi (2020-05-29)
openvas-smb 1.0.5-1 Mohammad Razavi (2019-05-11)
ospd 2.0.1-1 Mohammad Razavi (2020-05-29)
ospd 2.0.0-1 Mohammad Razavi (2019-10-29)
ospd-openvas 1.0.1-3 Mohammad Razavi (2020-07-22)
ospd-openvas 1.0.0-3 Mohammad Razavi (2020-02-27)
polib 1.1.0-4 (Newer version available) Mohammad Razavi (2020-05-29)
python-gvm 1.5.0-1 Mohammad Razavi (2020-05-29)
python-gvm 1.0.0-1 Mohammad Razavi (2019-10-29)
python-redis 3.3.11-2 Mohammad Razavi (2020-02-27)
yarn 1.13.0-1 Mohammad Razavi (2019-03-07)
124 of 24 results

Latest updates

  • gvmd 3 weeks ago
    Successfully built
  • gsa 3 weeks ago
    Successfully built
  • ospd-openvas 3 weeks ago
    Successfully built
  • openvas 4 weeks ago
    Successfully built
  • gsa-nodejs-build-dependencies 11 weeks ago
    Successfully built