cookbook 'openvas', '= 0.0.46', :supermarket
openvas (10) Versions 0.0.46 Follow7
Installs/Configures openvas
cookbook 'openvas', '= 0.0.46'
knife supermarket install openvas
knife supermarket download openvas
Description
Install and configure OpenVAS ( Open Vulenability Assessment System ); a fork of the Nessus project.
Project homepage can be found here
Requirements
It's recommended to create a role and apply it to your node definition.
Here's an exammple role to enable all things provided by this cookbook. This is the recommended method. Note: Including recipe openvas::nmap before openvas::server is required since it's a requirement. <pre><code> name "openvas_server" description "Install & configure an OpenVAS server." override_attributes "openvas" => { "enable_nvt_updates_from_cron" => "yes", "gsad_port" => "9392", "enable_greenbone_scan_configs" => "yes", "nasl_no_signature_check" => "no" } run_list [ "recipe[openvas::nmap]", "recipe[openvas::server]" ] </pre></code>
Here's an example role to install an OpenVAS server.
<pre><code>
name "openvas_scanner"
description "Install/Configure an OpenVAS Server"
override_attributes "openvas_scanner" => { }
run_list [
"recipe[openvas::nmap]",
"recipe[openvas::server]"
]
override_attributes "openvas_scanner" => { }
</pre></code>
Now upload your role like so: <pre><code> knife role from file roles/openvas_scanner.json </pre></code>
Here's an example role to install an OpenVAS Scanner and automatically enable NVT updates. <pre><code> name "openvas_scanner" description "Install/Configure an OpenVAS Server" override_attributes "openvas" => { "enable_nvt_updates_from_cron" => "yes" } run_list [ "recipe[openvas::server]", "recipe[openvas::nmap]" </pre></code>
Don't forget to apply your role to your node's definition <pre><code> { "normal": { }, "name": "ovasscanner", "override": { }, "prod_web": { }, "json_class": "Chef::Node", "automatic": { }, "run_list": [ "role[openvas_scanner]" ], "chef_type": "node" } </pre></code>
Here's an example role to install only an OpenVAS client. <pre><code> name "openvas_client" description "Install/Configure an OpenVAS client" run_list "recipe[openvas::client]" override_attributes "openvas_scanner" => { } </pre></code>
Now upload your role like so: <pre><code> knife role from file roles/openvas_client.json </pre></code>
NOTE ABOUT ADMIN/PASSWORD
The default admin user name and password is written to /etc/openvas/openvas_admin_pass.txt.
Attributes
Set to "yes" to add entry to super user root's CRON tab. <pre><code> default['openvas']['enable_nvt_updates_from_cron'] = "yes" </pre></code>