lesslinux.org Development Blog

OpenVAS included, GUI for BLOB installation

We made some progress in the handling of BLOBs (binary large objects: programs like Google Chrome or TeamViewer that are only available as binary packages). A new feature is the integration of OpenVAS, a vulnerability scanner to detect unsafe devices in your networks. I am especially proud of my wrapper script to start OpenVAS: it does all the necessary preparation work, so you do not have to manually download vulnerability definitions or rebuild databases. However, OpenVAS is still fat and occupies more than 1.2GB RAM when started from DVD! So, some preparation is recommended.

Starting OpenVAS when running from RAM

Running from memory is possible if you have at least 4GB main memory. To run OpenVAS on a system that is running from a DVD, make sure the boot parameter

toram=0

is set when you have less than 6GB RAM. Otherwise the DVD would be copied to main memory. On systems with 6GB RAM or more, you can leave toram=... at its default.

Starting OpenVAS when running from USB

Starting from a USB thumb drive is highly recommended when you intend to use OpenVAS. Use a thumb drive with 8GB or larger! This way it is possible to persistently store vulnerability definitions, so only updates and database rebuilds are necessary each time you use OpenVAS. By default, OpenVAS is installed to the LessLinuxBlob partition on the thumb drive upon first boot. You have to make sure that this partition gets properly sized. This is done by passing

blobsize=1536 or blobsize=2048

to the boot parameters when booting a freshly prepared thumb drive for the first time. To improve performance you might also want to specify

swapsize=512 or swapsize=1024

to create swap space. The initramfs scripts from LessLinux now partition the stick according to these size requests. Changes after the first boot are not possible!

Specify blobsize=2048 when booting from USB the first time. This creates a partition large enough to store all files needed by OpenVAS.

Quick hack: Boot from DVD, OpenVAS on USB

If you do not want to create a full-fledged LessLinux thumb drive, do this:

  • Boot LessLinux
  • In a root terminal use the command mkfs.ext4 -L LessLinuxBlob /dev/sdx1 to format a thumb drive with the correct label (replace sdx1 with your actual device).
  • Reboot

After the reboot, the USB drive will contain the skeleton for OpenVAS and you can enjoy many advantages of a full USB installation.
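Because the mkfs.ext4 step above destroys whatever is on the device you name, a pre-flight check on the target is worth running first. The following is an added example, not part of LessLinux or the original post; the function name check_blob_target, the SYSFS, MOUNTS and MIN_MB variables, and the use of the post's 2048 MB figure as the minimum size are assumptions.

```shell
#!/bin/sh
# Added example (hypothetical helper, not shipped with LessLinux):
# pre-flight check before running
#     mkfs.ext4 -L LessLinuxBlob /dev/sdx1
# SYSFS and MOUNTS can be overridden to exercise the check on fixtures.
SYSFS="${SYSFS:-/sys}"
MOUNTS="${MOUNTS:-/proc/mounts}"
MIN_MB="${MIN_MB:-2048}"   # assumption: the post's blobsize=2048 for OpenVAS

# check_blob_target PARTITION   (kernel name, e.g. sdb1)
# Prints a verdict; returns 0 only if formatting looks safe.
check_blob_target() {
    part="$1"
    disk=""
    # Find the parent disk: sysfs lists partitions as /sys/block/<disk>/<part>
    for d in "$SYSFS"/block/*; do
        if [ -d "$d/$part" ]; then disk="${d##*/}"; break; fi
    done
    if [ -z "$disk" ]; then
        echo "REFUSE: $part is not a partition of any known disk"; return 1
    fi
    # Heuristic: thumb drives normally report removable=1, internal disks 0
    if [ "$(cat "$SYSFS/block/$disk/removable" 2>/dev/null)" != "1" ]; then
        echo "REFUSE: $disk is not flagged as removable"; return 1
    fi
    # Refuse if any partition of that disk is currently mounted
    if grep -q "^/dev/$disk" "$MOUNTS"; then
        echo "REFUSE: a partition of $disk is mounted"; return 1
    fi
    # sysfs reports the size in 512-byte sectors; 2048 sectors = 1 MB
    sectors=$(cat "$SYSFS/block/$disk/$part/size")
    mb=$((sectors / 2048))
    if [ "$mb" -lt "$MIN_MB" ]; then
        echo "REFUSE: $part has $mb MB, need at least $MIN_MB MB"; return 1
    fi
    echo "OK: mkfs.ext4 -L LessLinuxBlob /dev/$part"
}
```

Source the file in the root terminal and call check_blob_target with the partition name; set MIN_MB=1024 if you do not plan to use OpenVAS.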

First start of OpenVAS and GSA

To run OpenVAS use the command

sudo openvas-wrapper

in a terminal window. This will download everything still needed, build the databases, add a default user, start the daemons and finally start a Firefox window with the GSA web frontend. The wrapper will likely need 10 to 30 minutes upon first invocation. When invoked the next time with most files recent enough, it will probably take 2 to 5 minutes. To use OpenVAS, log in with user “lesslinux” and password “lesslinux”.

After preparing OpenVAS you can do vulnerability scans with Greenbone Security Assistant.

Installing BLOBs

We try to keep proprietary code and binary-only files out of our tree. On the other hand, users demand the possibility to install commercial applications for virus scanning, remote control or web browsing. Since we use neither an overlay filesystem nor a standard package manager, this is no easy task. However, if we create the directory structure needed by those third-party apps and add some wrapper scripts, it works. Initial support for BLOBs was added some two years ago but was only actively used in commercial derivatives where the BLOBs were included in the boot media. We have now added a possibility to download and install BLOBs. In most cases you will want to install BLOBs persistently on a USB thumb drive. To prepare the thumb drive, follow the steps mentioned above. If you are not using OpenVAS, a 1GB BLOB partition might be enough. If you are also using OpenVAS, consider 2GB or more. When working on a machine with lots of memory and fast internet access, you can install BLOBs in volatile memory.

To add BLOBs, run “Accessories > Install software”. This starts the “LessLinux BLOB installer”, currently containing the three applications mentioned above.

Currently only three programs are available via the BLOB installer – more will follow.

Download

As always you can download this image from download.lesslinux.org: lesslinux-search-and-rescue-uluru-20141006-195652.iso

Note: Although generally considered stable, this build might have issues mounting WebDAV shares and resetting Windows passwords using the GUI tool (the CLI tool chntpw is not affected). A fix will follow soon.
