Your Ultimate Guide to Installing and Configuring GVM on Ubuntu 20.04
Proactively identifying and mitigating security vulnerabilities is a cornerstone of modern cybersecurity. Greenbone Vulnerability Management (GVM), the successor to the well-known OpenVAS, is a powerful, open-source framework designed to do just that. It provides a comprehensive suite of tools for vulnerability scanning and management, helping you strengthen your network’s security posture.
This guide will walk you through a complete, step-by-step process for installing and configuring GVM 20.08 on an Ubuntu 20.04 LTS server.
Prerequisites
Before we begin, ensure you have the following:
- A server running a clean installation of Ubuntu 20.04 LTS.
- Root or sudo privileges.
- A stable internet connection for downloading packages and vulnerability feeds.
- Recommended System Resources: At least 4GB of RAM and 2 CPU cores, as the initial feed synchronization can be resource-intensive.
Step 1: Prepare Your System and Add the GVM Repository
First, it’s crucial to ensure your system is fully up to date. Open your terminal and run the following commands:
sudo apt update
sudo apt upgrade -y
Next, we need to add the Personal Package Archive (PPA) that contains the necessary GVM packages. This ensures you get stable and well-maintained versions of the software.
sudo add-apt-repository ppa:mrazavi/gvm
sudo apt update
Adding this PPA makes the GVM installation process significantly simpler and more reliable than compiling from source.
Step 2: Install the GVM Packages
With the repository added, you can now install GVM with a single command. This command will pull in all the required components, including the scanner, manager, and the Greenbone Security Assistant (GSA) web interface.
sudo apt install gvm -y
This installation will take a few minutes as it downloads and configures the core GVM framework on your system.
Step 3: Run the Initial GVM Setup
After the packages are installed, the next step is to run the initial configuration script. This is the most critical—and time-consuming—part of the process. This script performs several essential tasks:
- Downloads the latest vulnerability feeds (NVT, SCAP, and CERT-Bund).
- Configures the PostgreSQL database.
- Creates the necessary SSL certificates for secure communication.
- Generates a unique, secure password for the admin user.
To start the setup, execute the following command:
sudo gvm-setup
Important: This process can take anywhere from 30 minutes to several hours, depending on your internet speed and system performance. Do not interrupt it. The script will display its progress as it syncs the massive vulnerability feeds.
Once the setup is complete, it will display the generated password for the admin user. Be sure to copy and save this password in a secure location, as you will need it to log in to the web interface.
Step 4: Verify Your GVM Installation
To ensure all components are running correctly and communicating with each other, GVM provides a helpful diagnostic script. Running this script is a crucial step to confirm your installation was successful.
sudo gvm-check-setup
If everything is configured correctly, you should see the message: “It seems like your GVM-20.08.1 installation is OK.”
If the script reports any errors, it will also provide suggestions on how to fix them. Carefully read the output and follow the recommended steps before proceeding.
Step 5: Access the GVM Web Interface
GVM is managed through a web-based interface called the Greenbone Security Assistant (GSA). By default, the GSA service listens on the local loopback address for security.
You can access it by navigating to the following URL in your web browser:
https://127.0.0.1:9392
You will likely receive a browser warning about a self-signed SSL certificate. This is expected; you can safely proceed.
Use the following credentials to log in:
- Username:
admin - Password: The password you saved during the
gvm-setupstep.
Security Tip: If you are accessing the server remotely, it is highly recommended to use an SSH tunnel to securely forward the GSA port to your local machine rather than exposing it directly to the internet.
# On your local machine, run this command to forward the port
ssh -L 9392:127.0.0.1:9392 user@your_server_ip
Running Your First Vulnerability Scan
Now that you have a fully functional GVM installation, you can run your first scan.
- Configure a Target: In the GSA interface, navigate to Configuration > Targets. Create a new target by specifying the IP address or hostname of the machine you want to scan.
- Create and Launch a Scan Task: Go to Scans > Tasks and create a new task. Select the target you just created and choose a scan configuration (the “Full and fast” profile is a good starting point).
- Review the Results: Once the scan is complete, you can click on the report to see a detailed breakdown of all discovered vulnerabilities, sorted by severity. This report provides valuable information for prioritizing and fixing security issues.
Essential Security and Maintenance Tips
- Change the Default Admin Password: Your first action after logging in should be to change the auto-generated admin password to something memorable and secure.
- Keep Feeds Updated: Vulnerabilities are discovered daily. Keep your GVM feeds updated by running the following command regularly (e.g., as a daily cron job):
bash
sudo gvm-feed-update
- Secure the GSA Port: Use a firewall like
ufwto restrict access to port 9392, allowing connections only from trusted IP addresses. - Schedule Scans Wisely: Vulnerability scans can be network and resource-intensive. Schedule them during off-peak hours to minimize impact on production systems.
By following this guide, you have successfully deployed a powerful, enterprise-grade vulnerability management solution. Regular scanning with GVM is a fundamental practice for maintaining a robust security posture and protecting your digital assets from emerging threats.
Source: https://kifarunix.com/install-and-setup-gvm-20-08-on-ubuntu/
