OpenVAS is widely used and valuable security scanning tool and an essential component for any one creating a public or private cloud infrastructure. The OpenVAS open source project is sponsored by "Greenbone Networks" and they make available a pre-packaged OpenVAS based VM Appliance as "GCE - GSM (Greenbone Security Manager) Community Edition". This is based on Debian Linux and designed run on any of : Virtual Box, VMWare ESXi or Microsoft Hyper-V.
But what about KVM (Kernal Virtual Machine), which provides core of most private and many public clouds ?
To get GCE Virtual Appliance running requires a bit of KVM / QEMU tickering, so to help people here are some guidelines taken from my working configuration.
NOTE: This is not a set of step by step instructions, but rather the key configuration items that you must select to allow QEMU / KVM machine to run. In my case I manage most of my KVM's with "Virtual Machine Manager".
Here is information you need to configure QEMU / KVM machine:
- Greenbone Community Edition - based on Debian 3.16 64-Bit Linux (Jessie release)
- Hypervisor - KVM
- Architecture - x86_64
- Chipset - Q35
- Firmware - BIOS
- HD Type - SCSI HD (must be device 0:0:0:1)
- SCSI Controller Model - lsilogic
- Graphics - Video QXL
- Keyboard - Generic PS2 Keyboard
- NIC Device Model - e1000-82545em
- CPU - x 2
- Memory - 4096 MiB
The GCE Debian Linux distribution has been stripped out to remove superfluous drivers and other programs, so you will find that if you do not use the configuraiton as above then GCE will not find HD or you will not have any network interface available for scanning.