This is an OSP server implementation to allow GVM to remotely control OpenVAS, see https://github.com/greenbone/openvas.
Once running, you need to configure OpenVAS for the Greenbone Vulnerability Manager, for example via the web interface Greenbone Security Assistant. Then you can create scan tasks to use OpenVAS.
Python 3.7 and later is supported.
Beyond the ospd base library,
ospd-openvas has dependencies on the following Python packages:
There are no special installation aspects for this module beyond the general installation guide for ospd-based scanners.
Please follow the general installation guide for ospd-based scanners:
ospd-openvas startup parameter
--lock-file-dir or the
parameter of the
ospd.conf config file needs to point to the same location / path of
gvmd daemon and the
openvas command line tool (Default:
Examples for both are shipped within the
config sub-folder of this project.
Please see the
Details section of the GVM release notes
for more details.
Please note that although you can run
openvas (launched from an
process) as a user without elevated privileges, it is recommended that you start
root since a number of Network Vulnerability Tests (NVTs) require
root privileges to perform certain operations like packet forgery. If you run
openvas as a user without permission to perform these operations, your scan
results are likely to be incomplete.
openvas will be launched from an
ospd-openvas process with sudo,
the next configuration is required in the sudoers file:
add this line to allow the user running
ospd-openvas, to launch
with root permissions
<user> ALL = NOPASSWD: <install prefix>/sbin/openvas
If you set an install prefix, you have to update the path in the sudoers file too:
Defaults secure_path=<existing paths...>:<install prefix>/sbin
There are no special usage aspects for this module beyond the generic usage guide.
Please follow the general usage guide for ospd-based scanners:
For any question on the usage of ospd-openvas please use the Greenbone Community Portal. If you found a problem with the software, please create an issue on GitHub. If you are a Greenbone customer you may alternatively or additionally forward your issue to the Greenbone Support Portal.
This project is maintained by Greenbone Networks GmbH.
For development you should use poetry to keep you python packages separated in different environments. First install poetry via pip
python3 -m pip install --user poetry
in the checkout directory of ospd-openvas (the directory containing the
pyproject.toml file) to install all dependencies including the packages only
required for development.
The ospd-openvas repository uses autohooks to apply linting and auto formatting via git hooks. Please ensure the git hooks are active.
poetry install poetry run autohooks activate --force
Copyright (C) 2018-2021 Greenbone Networks GmbH
Licensed under the GNU Affero General Public License v3.0 or later.