Skip to content

dwaler/opschef-cookbook-openvas

 
 

Repository files navigation

Travis-ci status: Build Status

Description

Install and configure OpenVAS ( Open Vulenability Assessment System ); a fork of the [Nessus] (http://www.nessus.org/products/nessus) project.

Project homepage can be found [here] (http://www.openvas.org/index.html)

Requirements

It's recommended to create a role and apply it to your node definition.

Here's an exammple role to enable all things provided by this cookbook. This is the recommended method. Note: Including recipe openvas::nmap before openvas::server is required since it's a requirement.


name "openvas_server"
description "Install & configure an OpenVAS server."
override_attributes "openvas" => { "enable_nvt_updates_from_cron" => "yes",
                    "gsad_port" => "9392", "enable_greenbone_scan_configs" => "yes",
                    "nasl_no_signature_check" => "no" }
run_list [
  "recipe[openvas::nmap]",
  "recipe[openvas::server]"
]

Here's an example role to install an OpenVAS server.


name "openvas_scanner"
description "Install/Configure an OpenVAS Server"
override_attributes "openvas_scanner" => { }
run_list [
  "recipe[openvas::nmap]",
  "recipe[openvas::server]"
]  
override_attributes "openvas_scanner" => { }

Now upload your role like so:


knife role from file roles/openvas_scanner.json

Here's an example role to install an OpenVAS Scanner and automatically enable NVT updates.


name "openvas_scanner"
description "Install/Configure an OpenVAS Server"
override_attributes "openvas" => { "enable_nvt_updates_from_cron" => "yes" }
run_list [
  "recipe[openvas::server]",
  "recipe[openvas::nmap]"

Don't forget to apply your role to your node's definition


{
    "normal": {
    },
    "name": "ovasscanner",
    "override": {
    },
        "prod_web": {
    },
    "json_class": "Chef::Node",
    "automatic": {
    },
    "run_list": [
                "role[openvas_scanner]"
    ],
    "chef_type": "node"
}

Here's an example role to install only an OpenVAS client.


name "openvas_client"
description "Install/Configure an OpenVAS client"
run_list "recipe[openvas::client]"
override_attributes "openvas_scanner" => { }

Now upload your role like so:


knife role from file roles/openvas_client.rb

NOTE ABOUT ADMIN/PASSWORD

The default admin user name and password is written to /etc/openvas/openvas_admin_pass.txt.

Attributes

Set to "yes" to add entry to super user root's CRON tab.


default['openvas']['enable_nvt_updates_from_cron'] = "yes"

About

Opschef cookbook OpenVAS

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Shell 52.0%
  • Ruby 31.6%
  • Perl 16.4%