OpenVAS on the Raspberry Pi 4 works really well!

I’ve been trying to set up OpenVAS on a tiny PC like the RPi lately. Based on this post: https://dayne.broderson.org/2018/05/24/RPi_Vulnerability_Scanner.html

I wasn’t expecting much success. And that’s what I found. It wasn’t really usable. I saw the TinkerBoard and the extra performance and RPi compatibility and thought that might be a good thing to try. I was never able to get a working mix of software on the Tinker. The repositories aren’t quite the same and some of the necessary packages, OpenVAS in particular, are not maintained.

Then the RPi4 was announced. I knew this might be the ticket to making this work. 4GB of RAM!!! Unfortunately, the 4GB model isn’t available yet, as far as I can tell. I decided to wait. Then I found out my sometimes partner in crime, Steve, had ordered a pair of 2GB models. Of course, I asked if I could borrow one.

I’m happy to report that the install is simple and it was able to scan my /24 that averages about 75 IP’s in about 3 hours! I didn’t modify anything performance related and didn’t have any of the problems that Dayne referenced.

I do need to sort through a few logistic issues to make this functional in the way I’m thinking. For one thing, I want to run this headless. No problem, except OpenVAS (specifically the GSA web management) is finicky about identifying the IP address it’s listening on. So far I have to manually set it and haven’t figured out how to make it work with 0.0.0.0. I’ll find a way. I also had a problem with the management interface failing due to memory starvation. I think. The scan will continue to run, so it’s not a showstopper. I’m hoping the 4GB will help with that. I also think it’ll be helpful to throw some heatsinks on. It seemed to get pretty hot.

Without further pre-amble, the steps I took. This is very similar to Dayne’s post with a few exceptions:

sudo apt update
sudo apt upgrade
sudo apt autoremove //habit for me
sudo apt-get install openvas
sudo openvas-setup //this took a good hour, maybe more, to run. Lots of errors, but it seems to have been ok.
sudo openvas-start

This is the part I haven’t sorted out yet. You need to update the service config files to reflect something other than 127.0.0.1. I tried 0.0.0.0 and was unsuccessful. When I changed it to the DHCP IP address it worked. I don’t see this as being a good solution as I intend on using this in different environments. Regardless, here are the commands until I can sort out the right answer:

sudo nano /lib/systemd/system/greenbone-security-assistant.service
sudo systemctl daemon-reload
sudo service greenbone-security-assistant restart

sudo nano /lib/systemd/system/openvas-manager.service
sudo systemctl daemon-reload
sudo service greenbone-security-assistant restart
sudo service openvas-manager restart
sudo service openvas-scanner restart

And my GS service line that I edited in the above command:
ExecStart=/usr/sbin/gsad –foreground –listen=0.0.0.0 –port=9392 –mlisten=0.0.0.0 –mport=9390 –allow-header-host=192.168.169.198

The –allow-header-host is the problem I need to fix. I’ll update as I make improvements. One of my goals is to attach a small LCD that will display the IP address.

Raspberry Pi Zero W headless setup

There seems to be conflicting info out there for how to accomplish this.  Compounded with the Zero’s different micro ports, it’s easier if you can set it up as a headless device.  Unfortunately, I found that if you try to do this locally, with a monitor and keyboard, the order of operations causes the ssh keys to be faulty.  So, let’s make it easy and just do it all from the start.  Download Raspbian Jessie Lite.  I believe the version I got is 03.02.  In Windows I’m using Rufus to write the disk image.  Select the disk image from the folder icon in the lower right.  You need to search for all file types, as it’s not an ISO.  Once you select it, Rufus will automatically determine that it needs to be a DD write for the file.  Fire it off on your micro SD card and let it finish.  It will take a few minutes.

When it’s done you’ll have a single partition viewable in Windows for the SD card.  Right click and create a Notepad file called ssh.txt in the root of that partition.  Just create it.  Don’t edit it.  Create another Notepad file and call it wpa_supplicant.conf.  Open that in Notepad and add the following:

ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
update_config=1

network={
    ssid="Your SSID Here"
    proto=RSN
    key_mgmt=WPA-PSK
    pairwise=CCMP TKIP
    group=CCMP TKIP
    psk="YourPresharedKeyHere"
}

Modify the SSID and PSK to match your WiFi settings and save it.  Pop the SD card out, pop it into your Zero W and boot it up.  Wait a few minutes, and then you’ll need to find the dhcp address the Zero W received.  For me, I checked the dhcp scope on my firewall and found a new dhcp lease for a device named “raspberrypi”.  Open up Putty and ssh to that IP.  You should be connected at that point.  Probably a good idea to run raspi-config and update the password and host name.

RN-XV, Arduino and funny characters

No, I’m not talking about myself. I’ve embarked on an ambitious project that is sure to never get completed. On my way there I’m working on getting an RN-XV “cheap” WiFi adapter talking to an Arduino. I’ve had all kinds of issues getting it connected and it all comes down to spaces.

I’ll have more detail later about what I’m trying to do but, my immediate issue boiled down to my use of $ in my passphrase. The RN-XV and actually the RN-171 it’s based on has a nice feature of escaping spaces in SSIDs and passphrases with a $ by default. This took some digging to find out but once I did I was able to change it.

Connect to the RN-XV from your console. I used the Adafruit XBee adapter kit through a com port on my PC. Do $$$ to get into CMD mode. From there you can do a couple of things. For my purposes I needed to do the following:

<2.30> get opt replace
JoinTmr=1000
Replace=0x26
DeviceId=WiFly-EZX
Password=
Format=0x0
Signal=0
Average=5

You can see I’ve already changed it here but the default would be Replace=0x24 which is $ in ascii. To change it:

set opt replace 0x26

Then don’t forget to “save” or it’ll revert to the wrong character. You can also check the saved WLAN settings with “get wlan”.

Now that I have it successfully connecting, getting it to do something might be a little more of a challenge. I’m trying to work with this library but it’s proving to be a challenge. More here as I figure that out.