相信大家的心裡一定是一頭霧水,跟我一樣充滿了疑問?有聽過 RedHat、Fedora、Debian & Ubuntu 等等... 各式各樣的 Linux,就是沒有聽過 Kali Linux。
其實 "她" 可厲害了!她可以說是全世界駭客們的最愛,此話怎麼說?她是專門設計給 "滲透測試" 專用的系統。當這個系統安裝好後,預設就安裝好各式各樣的滲透掃描工具,這當中當然也包含了 這套 OpenVAS,所以說 Kali 是 OpenVAS 的好朋友,一點都不為過。
接下來的 "圖解" 就是要說明我們這篇所要討論的大致內容:
我們就從 Kali Linux 的安裝開始說起:
Step 1: Download from this official website https://www.kali.org/downloads/
Step 2: After download "kali-linux-1.1.0-amd64.iso" upload to VMware (ex. ESXi 5.5)
VMware vSphere Client | Configuration | Storage | Datastores
Step 1: Download from this official website https://www.kali.org/downloads/
VMware vSphere Client | Configuration | Storage | Datastores
Step 3: Create a new Virtual Machine for Kali Linux.
Getting Started | Create a new virtual machine | Typical | Name for VM | Storage | OS version | Network | Disk size | Select Edit | Select ISO for Connect CD/DVD
Tips 3-1: Change the disk size to "20 GB".
Step 4: First start VM for install Kail Linux.
Step 5: Select "Graphical install" then "Enter"
Step 6: "Select a language" for the installation.
Step 7: "Select your location" for your time zone. (ex. Taiwan)
Step 8: "Configure the keyboard" (ex. American English)
Step 9: "Configure the network" for setup a hostname for this system. (ex. kali)
Step 10: Assign a domain name. (ex. openvas.com)
Step 17: After "Continue" then installing the system.
Step 1: First start OpenVAS on Kali Linux should check update first.
Application | Kali Linux | Vulnerability Analysis | OpenVAS | openvas feed update
Application | Kali Linux | Vulnerability Analysis | OpenVAS | openvas initial setup
# service ssh start
# openvas-setup
# netstat -an |grep '939'
Step 8: OpenVAS listen IP only for loaclhost (127.0.0.1), open to others IP then restart OpenVAS service.
# gsad --listen=192.168.2.68 ## Kail Linux eth0 IP
# openvas-stop
# openvas-start
Step 9: Open a browser for login OpenVAS (ex. https://192.168.2.68:9392)
# openvasmd --user=admin --new-password=<New Password>
OpenVAS is working on Kali Linux now.
恭喜你!!! 說明到這裡,已經讓 OpenVAS 能正常的在 Kali Linux 上面執行。
或許在安裝過程和啟動服務中,並沒有想像的順利,不過只要稍微注意一下,這些 "提示(Tips)" 的說明,應該都可以迎刃而解。
之所以會運用 Kali Linux 執行 OpenVAS,是因為 OpenVAS 的安裝雖然很容易,但是有些套件並是原生就有, 都需要額外的 tuning ,所以直接使用 Kali 的 OpenVAS 也會相對容易些。
Ok~關於 Kali Linux 的介紹,我們就先說到這裡。等以後有機會,需要用到上面其他不同的測試工具時,我們再來繼續做討論。
先祝福大家 "新年快樂"~ 我們明年見!
~ See you ~
參考出處:
https://www.kali.org/
http://www.openvas.org/
沒有留言:
張貼留言