Openvas installation in CentOS 7

What is Openvas?

OpenVAS (Open Vulnerability Assessment System, originally known as GNessUs) is a software framework of several services and tools offering vulnerability scanning and vulnerability management.

All OpenVAS products are free software, and most components are licensed under the GNU General Public License (GPL). Plugins for OpenVAS are written in the Nessus Attack Scripting Language, NASL.

The primary reason to use this scan type is to perform comprehensive security testing of an IP address. It will initially perform a port scan of an IP address to find open services. Once listening services are discovered they are then tested for known vulnerabilities and misconfiguration using a large database (more than 53000 NVT checks). The results are then compiled into a report with detailed information regarding each vulnerability and notable issues discovered.

Once you receive the results of the tests, you will need to check each finding for relevance and possibly false positives. Any confirmed vulnerabilities should be re-mediated to ensure your systems are not at risk.

Vulnerability scans performed from externally hosted servers give you the same perspective as an attacker. This has the advantage of understanding exactly what is exposed on external-facing services.

Step 1: Disable SELinux


sed -i ‘s/=enforcing/=disabled/’ /etc/selinux/config


and reboot the machine.

Step 2:  Install dependencies


yum -y install wget rsync curl net-tools


Step 3: Install OpenVAS repository

install the official repository so that OpenVAS works appropriately in the analysis of vulnerabilities.


wget -q -O – |sh


Step 4: Install OpenVAS


yum -y install openvas


Step 5: Run OpenVAS

Once OpenVAS is installed, we continue to start it by executing the following command:




Once downloaded it will be necessary to configure the GSAD IP address, Greenbone Security Assistant, which is a web interface to manage system scans.

Step 6: Configure OpenVAS Connectivity

We go to our browser and enter the IP address of the CentOS 7 server where we have installed OpenVAS, and we will see that the following message is displayed:

Openvas dashboard


Automatic NVT Updates With Cron


35 1 * * * /usr/sbin/greenbone-nvt-sync > /dev/null
5 0 * * * /usr/sbin/greenbone-scapdata-sync > /dev/null
5 1 * * * /usr/sbin/greenbone-certdata-sync > /dev/null



4 thoughts on “Openvas installation in CentOS 7

  1. I recommend installing epel repository before installing openvas/gvm. If epel-release repo isn’t installed, openvas package update will error with dependencies issues.

  2. I Did, but I see this issue

    Requires: python36

    I believe its because centos7 uses python2 by default and GVM has python3 as a dependency.

    This is how I fixed it
    yum install -y python3
    yum –enablerepo=extras install epel-release
    yum install python-devel
    yum install libffi-devel
    yum install openssl-devel
    yum install python-pip
    pip install paramiko
    pip install –upgrade pip

  3. Step 5 throws errors on CentOS 7.

    Redirecting to /bin/systemctl restart redis.service
    /usr/bin/openvas-setup: line 109: /etc/openvas/openvassd.conf: No such file or directory
    /usr/bin/openvas-setup: line 116: /etc/openvas/openvassd.conf: No such file or directory

    Also package name changed.

    # yum -y install openvas
    Loaded plugins: fastestmirror, langpacks
    Loading mirror speeds from cached hostfile
    * atomic:
    * base:
    * epel:
    * extras:
    * updates:
    Package is obsoleted by which is already installed
    Nothing to do

Leave a Reply

Your email address will not be published. Required fields are marked *