This is a GVM (OpenVAS) Docker image intended for one-off scans.
https://hub.docker.com/repository/docker/jeffleder/gvm-docker
- Install Docker (see https://docs.docker.com/engine/install/debian/ for debian)
- Create a volume to store persistent data
docker volume create openvas- Run the container
docker run --detach --publish 127.0.0.1:9392:9392 -e USERNAME="admin" -e PASSWORD="admin" --volume openvas:/data --name openvas --restart unless-stopped jeffleder/gvm-docker- The
--detachswitch will run the container in a detached state - The
--publish 127.0.0.1:9392:9392switch will forward host port9392to container port9392(the GSA web GUI port)- You can change the host port from
9392to any available port that you'd like (e.g.8080) - The
127.0.0.1part of the switch will force GSA to only listen for localhost connections
- You can change the host port from
- The
-e USERNAME="admin"switch allows you to specify a username to log into the GSAD web GUI with - The
-e PASSWORD="admin"switch allows you to specify a password to log into the GSAD web GUI with - The
--volumeswitch specifies the volume to use for persistent data - The
--nameswitch allows you to specify whatever freindly name you want for the container (this guide usesopenvasthroughout) - The
--restart unless-stoppedswitch daemonizes the container (so it will restart on crash and/or system reboots) - The last
jeffleder/gvm-dockeritem specifies the image to pull and run for the container
You can verify that the container has completed loading by running:
docker logs openvas
If you see Your GVM container is now ready to use!, the container is ready to go.
Access the web interface from the docker host via http://127.0.0.1:9392
Default Credentials:
Username: admin
Password: admin
This command will show you the GVM processes running inside the container:
docker top openvas
All the logs from /var/log/gvm/* can be viewed by running:
docker logs openvas
Autobuilds bake NVT/SCAP/CERT Data into the DockerHub image so that the latest build has the most recent feeds