I recently deployed a few internet facings servers and decided it was probably prudent to at least hit them with a vulnerability scanner. I could have registered for a trial of Nessus or something of the sort. However I decided to try OpenVAS, as it has been a while since I used it and liked the idea of using something open source.

I found that the install process was just as bad as I remember. Following multiple different install guides just led me to broken install after broken install. I eventually gave up and used a docker image, which to my surprise, worked flawlessly. The github repo is available here: https://github.com/immauss/openvas. This made things much less painful and worked on my first attempt, after sorting out how to enforce HTTPS. I highly recommend this method.

tl;dr
Want OpenVas? Spin up a Debian/Ubuntu box and do this.

apt update

apt install docker.io

docker volume create openvas

docker run --detach --publish 8080:9392 -e PASSWORD="thisisapassword" -e HTTPS=true --volume openvas:/data --name openvas immauss/openvas

The arguments should be self explanatory. After launching that docker image, you should be able to hit the OpenVAS web interface over HTTPS on port 8080.