Install and configure OpenVAS (Open Vulnerability Assessment System), a fork of the [Nessus](http://www.nessus.org/products/nessus) project.
The project homepage can be found [here](http://www.openvas.org/index.html).
It's recommended to create a role and apply it to your node definition.
Here's an example role that enables everything provided by this cookbook. This is the recommended method. Note: recipe openvas::nmap must be included before openvas::server.
```ruby
name "openvas_server"
description "Install & configure an OpenVAS server."
override_attributes "openvas" => {
  "enable_nvt_updates_from_cron" => "yes",
  "gsad_port" => "9392",
  "enable_greenbone_scan_configs" => "yes",
  "nasl_no_signature_check" => "no"
}
run_list [
  "recipe[openvas::nmap]",
  "recipe[openvas::server]"
]
```
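A pre-upload check for the ordering rule noted above and for the `nasl_no_signature_check` attribute, as an added example that is not part of this cookbook. `RoleProbe` and `lint_openvas_role` are hypothetical names, and the check assumes that "yes" for `nasl_no_signature_check` disables NVT signature verification.

```ruby
# Added example, not cookbook code. RoleProbe is a hypothetical stand-in for
# Chef's role DSL that records only the fields this check needs.
class RoleProbe
  attr_reader :items, :attrs

  def initialize
    @items = []
    @attrs = {}
  end

  def name(_value = nil); end
  def description(_value = nil); end
  def default_attributes(_hash = {}); end
  def override_attributes(hash = {})
    @attrs = hash
  end

  def run_list(*entries)
    @items = entries.flatten
  end
end

# Returns a list of findings for role source written in the Ruby role DSL.
def lint_openvas_role(source)
  probe = RoleProbe.new
  probe.instance_eval(source) # only evaluate role files from your own repo
  findings = []
  nmap = probe.items.index('recipe[openvas::nmap]')
  server = probe.items.index('recipe[openvas::server]')
  if server && (nmap.nil? || nmap > server)
    findings << 'openvas::nmap must be listed before openvas::server'
  end
  # Assumption: "yes" turns off NVT signature verification in the scanner.
  if (probe.attrs['openvas'] || {})['nasl_no_signature_check'] == 'yes'
    findings << 'nasl_no_signature_check is "yes"'
  end
  findings
end

# Constructed sample roles.
GOOD_ROLE = <<~ROLE
  name "openvas_server"
  override_attributes "openvas" => { "nasl_no_signature_check" => "no" }
  run_list [ "recipe[openvas::nmap]", "recipe[openvas::server]" ]
ROLE
BAD_ROLE = <<~ROLE
  name "openvas_scanner"
  override_attributes "openvas" => { "nasl_no_signature_check" => "yes" }
  run_list [ "recipe[openvas::server]", "recipe[openvas::nmap]" ]
ROLE
```
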
Here's an example role to install an OpenVAS server.
```ruby
name "openvas_scanner"
description "Install/Configure an OpenVAS Server"
override_attributes "openvas_scanner" => { }
run_list [
  "recipe[openvas::nmap]",
  "recipe[openvas::server]"
]
```
Now upload your role like so:
```
knife role from file roles/openvas_scanner.json
```
Here's an example role to install an OpenVAS Scanner and automatically enable NVT updates.
```ruby
name "openvas_scanner"
description "Install/Configure an OpenVAS Server"
override_attributes "openvas" => { "enable_nvt_updates_from_cron" => "yes" }
# openvas::nmap is listed first because it must be included before openvas::server.
run_list [
  "recipe[openvas::nmap]",
  "recipe[openvas::server]"
]
```
Don't forget to apply your role to your node's definition:
```json
{
  "normal": {
  },
  "name": "ovasscanner",
  "override": {
  },
  "prod_web": {
  },
  "json_class": "Chef::Node",
  "automatic": {
  },
  "run_list": [
    "role[openvas_scanner]"
  ],
  "chef_type": "node"
}
```
Here's an example role to install only an OpenVAS client.
```ruby
name "openvas_client"
description "Install/Configure an OpenVAS client"
run_list "recipe[openvas::client]"
override_attributes "openvas_scanner" => { }
```
Now upload your role like so:
```
knife role from file roles/openvas_client.rb
```
The default admin user name and password are written to /etc/openvas/openvas_admin_pass.txt.
Set this attribute to "yes" to add an entry to the root user's crontab:

```ruby
default['openvas']['enable_nvt_updates_from_cron'] = "yes"
```