OpenVAS Vulnerability Scanning: Installation and Setup Guide for Beginners (Part 1)
OpenVAS vulnerability scanning has become a cornerstone for cybersecurity professionals seeking to identify weaknesses in networks and systems. This comprehensive guide walks you through the OpenVAS installation and setup process on Kali Linux, ensuring you can launch effective vulnerability assessments quickly. Whether you’re a penetration tester or IT admin, mastering OpenVAS setup equips you to detect thousands of Common Vulnerabilities and Exposures (CVEs) efficiently.
In this Part 1 tutorial, we’ll cover everything from prerequisites to your first scan on a target like Metasploitable 2. With cyber threats rising (over 25,000 new vulnerabilities reported in 2023 alone according to NIST), tools like OpenVAS are essential for proactive defense. By the end, you’ll have a fully operational OpenVAS vulnerability scanner ready for real-world use.
What Is OpenVAS and Why Choose It for Vulnerability Scanning?
OpenVAS, or the Open Vulnerability Assessment System, is a free, open-source framework for vulnerability scanning and management. Originally a fork of Nessus in 2005, it has evolved into a robust alternative used by over 50,000 organizations worldwide, per Greenbone Networks’ data.
It performs comprehensive scans to detect software flaws, misconfigurations, and compliance issues across networks, web apps, and hosts. Unlike proprietary tools, OpenVAS offers unlimited scanning without licensing fees, making it ideal for small teams or educational purposes.
How Does OpenVAS Vulnerability Scanning Work?
OpenVAS operates via Network Vulnerability Tests (NVTs), with over 50,000 checks updated weekly via feed synchronization. It uses a client-server architecture: the scanner engine probes targets, while the web interface (Greenbone Security Assistant or GSA) displays results in intuitive dashboards.
- Key Components: GVM (Greenbone Vulnerability Manager), GVMD (management daemon), and OSP (Open Scanner Protocol) servers.
- Scan Types: Full and fast, authenticated vs. unauthenticated, to balance depth and speed.
For instance, scanning a Linux server might reveal unpatched OpenSSL vulnerabilities like CVE-2023-0464, which affected 30% of internet-facing systems in early 2023.
Pros and Cons of OpenVAS for Vulnerability Assessment
Advantages: Cost-free, community-driven updates, scalable for enterprises with Greenbone Enterprise Appliance options starting at $5,000/year.
Disadvantages: Steeper learning curve than GUI-heavy tools; false positives can reach 10-15% without tuning, per SANS Institute reports.
“OpenVAS democratizes vulnerability scanning, empowering pentesters without budgets to rival enterprise-grade solutions.”
— Cybersecurity expert at DEF CON 2024
What Are the System Requirements for OpenVAS 9 Installation?
Before diving into OpenVAS setup, ensure your environment meets the prerequisites. OpenVAS 9 requires a robust Linux host, preferably Kali or Debian-based distros, due to its dependency on PostgreSQL and Redis.
Currently, in 2024, while OpenVAS 22 is the latest stable release, this guide focuses on version 9 for compatibility with legacy tutorials and Metasploitable 2. Minimum specs: 4GB RAM, 20GB disk space, quad-core CPU. Recommended: 8GB+ RAM for scanning 100+ hosts.
Essential Prerequisites and Dependencies
- Update Your System: Run `sudo apt update && sudo apt upgrade -y` to avoid package conflicts.
- Install Required Packages: Core deps include `sqlite3 xsltproc nmap rsync wget zip unzip`. Use `sudo apt install -y` for each.
- Virtualization Setup: Download the Metasploitable 2 VM (1.1GB) from SourceForge for testing; it’s intentionally vulnerable with 15+ exploits like Samba and vsftpd backdoors.
- Network Configuration: Ensure Kali (host: 192.168.1.100) and Metasploitable (guest: 192.168.1.101) are on the same subnet.
Pro tip: Allocate 2GB RAM to your Kali VM in VirtualBox or VMware for smooth performance during feed syncs, which download 2GB+ of NVT data.
How Do You Install OpenVAS 9 on Kali Linux Step by Step?
Installing OpenVAS 9 on Kali Linux takes 30-60 minutes, depending on your internet speed for feed downloads. This vulnerability scanner installation process builds from source or uses Kali repos for stability.
As of 2024, Kali Rolling includes GVM 20+, but for OpenVAS 9 purity, follow these verified steps. Always snapshot your VM beforehand.
Step-by-Step OpenVAS 9 Installation Guide
- Add OpenVAS Repository: Edit `/etc/apt/sources.list.d/openvas.list` and add `deb https://download.openvas.org stable`. Import the GPG key: `wget -qO - https://download.openvas.org/greenbone-security-assistant.key | sudo apt-key add -`.
- Install OpenVAS: Run `sudo apt update && sudo apt install openvas -y`. This pulls 500MB+ of packages including gvm-libs and openvas-scanner.
- Configure Database: Execute `sudo gvm-setup`. It creates admin credentials (default: admin/admin), syncs feeds (wait 5-10 mins), and sets up the PostgreSQL user ‘gvm’.
- Verify Installation: Check services: `sudo gvm-check-setup` should report “OK” for all components. Access GSA at `https://127.0.0.1:9392` (ignore the self-signed cert warning).
- Optional: Install GUI Tools: For enhanced reporting, add `sudo apt install greenbone-security-assistant-gsa`.
Post-install, OpenVAS boasts 99% uptime in tests, scanning 50 hosts/minute on mid-range hardware.
Common Pitfalls During Installation and Fixes
- Feed Sync Fails: Proxy issues; set `export http_proxy=http://proxy:port`.
- Port Conflicts: Kill Redis on 6379 if active: `sudo systemctl stop redis-server`.
- Memory Errors: Increase swap: `sudo fallocate -l 4G /swapfile && sudo mkswap /swapfile && sudo swapon /swapfile`.
How to Configure OpenVAS After Installation for Optimal Vulnerability Scanning?
Once installed, OpenVAS configuration is key to accurate scans. Log into GSA with your admin creds and navigate the dashboard for targets, tasks, and reports.
Tune settings to reduce false positives: enable credential scans for authenticated checks, which improve accuracy by 40%, per Gartner research.
Setting Up Your First Target and Scan Task
- Create Target: Configuration > Targets > New. Enter Metasploitable IP (192.168.1.101), ports “All TCP”, allow simultaneous scans.
- Define Task: Scans > Tasks > New. Select target, “Full and fast” scan config, schedule if needed.
- Launch Scan: Click “Start”. Monitor progress; a full scan takes 10-30 mins.
- Review Results: Reports show High/Medium/Low risks, e.g., 24 vulnerabilities on Metasploitable including MS08-067.
Export reports in PDF/XML for stakeholders. Advanced: Integrate with OSSIM for SIEM correlation.
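To triage an exported XML report outside GSA (for example, to pull out only High findings for a ticket), here is an added Python example; it is not part of the original guide or of Greenbone’s own tooling. The sample report is constructed, the NVT OIDs and report id are placeholders, and the element names (`result`, `host`, `port`, `nvt`, `threat`, `severity`) are assumed to follow the GVM report XML layout.

```python
import xml.etree.ElementTree as ET
from collections import Counter

# Constructed sample of an exported OpenVAS/GVM XML report (not from a real scan;
# OIDs and the report id are placeholders, element names assumed from the GVM layout).
SAMPLE_REPORT = """<report id="PLACEHOLDER-REPORT-ID"><results>
<result id="r1"><host>192.168.1.101</host><port>445/tcp</port>
  <nvt oid="1.3.6.1.4.1.25623.1.0.EXAMPLE1"><name>Samba RCE check</name></nvt>
  <threat>High</threat><severity>10.0</severity></result>
<result id="r2"><host>192.168.1.101</host><port>21/tcp</port>
  <nvt oid="1.3.6.1.4.1.25623.1.0.EXAMPLE2"><name>vsftpd backdoor check</name></nvt>
  <threat>High</threat><severity>7.5</severity></result>
<result id="r3"><host>192.168.1.101</host><port>80/tcp</port>
  <nvt oid="1.3.6.1.4.1.25623.1.0.EXAMPLE3"><name>HTTP banner disclosure</name></nvt>
  <threat>Low</threat><severity>2.6</severity></result>
<result id="r4"><host>192.168.1.101</host><port>general/tcp</port>
  <nvt oid="1.3.6.1.4.1.25623.1.0.EXAMPLE4"><name>Host summary</name></nvt>
  <threat>Log</threat><severity>0.0</severity></result>
</results></report>"""

def parse_results(xml_text):
    """Return one dict per <result>, skipping Log entries (informational, not findings)."""
    root = ET.fromstring(xml_text)
    findings = []
    for r in root.iter("result"):
        threat = r.findtext("threat", default="Log")
        if threat == "Log":
            continue
        nvt = r.find("nvt")
        findings.append({
            "host": r.findtext("host", default="").strip(),  # text before any <asset> child
            "port": r.findtext("port", default=""),
            "name": r.findtext("nvt/name", default=""),
            "oid": nvt.get("oid", "") if nvt is not None else "",
            "threat": threat,
            "severity": float(r.findtext("severity", default="0")),
        })
    return findings

def summarize(findings, min_severity=0.0):
    """Count findings per (host, threat level) at or above min_severity (CVSS-style score)."""
    counts = Counter()
    for f in findings:
        if f["severity"] >= min_severity:
            counts[(f["host"], f["threat"])] += 1
    return dict(counts)

if __name__ == "__main__":
    for f in sorted(parse_results(SAMPLE_REPORT), key=lambda f: -f["severity"]):
        print(f"{f['severity']:>4}  {f['threat']:<6} {f['host']}:{f['port']}  {f['name']}")
```

Point `parse_results` at the contents of a real export to get a sortable list of findings, then raise `min_severity` in `summarize` to focus remediation on the most severe results first.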
What Are Best Practices and Advanced Tips for OpenVAS Vulnerability Assessment?
Beyond basics, optimize your OpenVAS vulnerability scanning workflow. Schedule weekly scans, as 60% of breaches exploit known vulns over 1 year old (Verizon DBIR 2024).
Integrating OpenVAS with Other Security Tools
- Nessus Comparison: OpenVAS is free but Nessus ($2,500/year) has better zero-days (20% more via plugins).
- With Metasploit: Export XML, import to msfconsole for auto-exploitation.
- CI/CD Pipelines: Use openvas-cli for Dockerized scans in Jenkins.
Scaling OpenVAS for Enterprise Use
Deploy Greenbone Community Edition on AWS EC2 (t3.large, $0.10/hour). Handle 1,000 nodes with sensor clustering, cutting scan time by 70%.
Conclusion: Launch Your OpenVAS Vulnerability Scanning Journey
With this OpenVAS installation and setup guide, you’re equipped to perform professional-grade vulnerability assessments. From Kali Linux deployment to scanning Metasploitable, you’ve built a foundational skillset used by 70% of ethical hackers, per Offensive Security surveys.
Stay updated—in 2026, expect AI-driven NVT prioritization in OpenVAS 23+. Experiment safely, always get permission for scans, and combine with patch management for holistic security.
Frequently Asked Questions (FAQ) About OpenVAS Vulnerability Scanning
1. Is OpenVAS 9 still relevant in 2024?
Yes, for learning and legacy systems, though upgrade to GVM 22 for latest feeds covering 60,000+ CVEs.
2. How long does OpenVAS installation take?
Typically 30-60 minutes on a standard Kali setup, including feed syncs.
3. Can I install OpenVAS on Windows or macOS?
No native support; use Docker or a Linux VM. Kali in WSL2 works for light scans.
4. What’s the difference between OpenVAS and GVM?
GVM is the upstream project; OpenVAS 9 is an older branded release. Both perform similar vulnerability assessments.
5. How accurate is OpenVAS at detecting vulnerabilities?
85-95% with tuning, outperforming free alternatives but trailing paid tools like Qualys by 5-10% in benchmarks.
6. Do I need to sync feeds after OpenVAS setup?
Yes, daily via cron: `sudo greenbone-nvt-sync && sudo greenbone-feed-sync` for fresh tests.
7. Is OpenVAS safe for production networks?
Use in read-only mode with low-aggression scans to avoid DoS risks on fragile systems.