I ran into an issue with my OpenVAS 9 installation and couldn't find
anything about it online (at least in the limited googling that I did), so
I wanted to post the error message and a workaround in case anyone else
runs into it.
I installed OpenVAS 9 on an AWS EC2 instance running Ubuntu 16.04.3 LTS.
The installation went smoothly, but upon pointing my browser to
https://<IP>:4000
I got the following error message:
"The request contained an unknown or invalid Host header. If you are trying
to access GSA via its hostname or a proxy, make sure GSA is set up to allow
it."
I think it may have to do with the fact that the outward-facing IP address
used to access the server is not owned by the server itself, which is
normal on AWS. In any case I couldn't find any config settings that
addressed this.
I saw that a lot of people use OpenVAS on a local machine, and I was able
to access the Greenbone Security Assistant with /usr/bin/links, so I
thought I'd try nginx to simulate a local user. I changed the GSA
configuration (/etc/default/openvas-gsa) to disable HTTPS:
HTTP_ONLY=1
Next I installed nginx:
$ sudo apt-get install nginx
And configured nginx as follows:
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
location / {
proxy_pass http://localhost:4000;
}
}
$ sudo /etc/init.d/nginx start
At that point I was able to access GSA by pointing my browser to http://<IP>
so I'm hitting nginx on port 80 rather than hitting GSA directly on port
4000.
Note that if you want to run OpenVAS on AWS, you should complete a pentest
permission request (https://aws.amazon.com/premiumsupport/knowledge-
center/penetration-testing/).
_______________________________________________
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
