OpenVAS Vulnerability Scanner

openvas

The Open Vulnerability Assessment System (OpenVAS) is a vulnerability scanner maintained and distributed by Greenbone Networks. It is intended to be an all-in-one vulnerability scanner with a variety of built-in tests and a Web interface designed to make setting up and running vulnerability scans fast and easy while providing a high level of user configurability.

OpenVAS is open-source, which means it is free to use and its source code is public as well. It is licensed under GNU (General Public License). Although it is free but even then it is really good at its job and comes in the list of top 10 VAS. OpenVAS repository can be found here.

Why use OpenVAS scan?

The essential motivation to utilize this scan type is to perform thorough security testing of an IP address. It will at first lead a port scan of an IP address to discover open services. When listening services are found, they are tested for known vulnerabilities and misconfiguration utilizing an enormous database (more than 53000 NVT checks). The outcomes are incorporated into a report, including point by point data with respect to every vulnerability and notable issues found.

When you get the results of the tests, you should check each finding for significance and conceivably false positives. Any confirmed vulnerabilities ought to be re-mediated to guarantee your systems are not in danger.

Vulnerability scans performed from remotely facilitated servers give you a similar viewpoint as an attacker.

Installation

OpenVAS is designed to be a self-contained vulnerability scanning framework. It is available either as a virtual machine or as source code that can be compiled and installed on an existing Linux machine. In this section we will only discuss about how to set up OpenVAS in virtual machine.

  • Download and install a virtual machine (VirtualBox, ESXi is preffered).
  • Next, download OpenVAS ISO file from here.
  • Create a virtual image with the following configuration:
    • 2048 MB of RAM
    • A new hard disk with 9 GB of storage
    • After creating the machine, right click and go to Settings → System → Processor and select 2 CPUs
    • Set the network type to NAT
  • Now, Power the machine up and choose the downloaded OpenVAS ISO file. Follow on screen prompts to set it up.
  • To setup the Greenbone Security Manager (GSM):
    • Note the IP address of the Web interface
    • Shut down the computer
    • In VirtualBox, go to Settings->Network->Advanced->Port Forwarding
    • Create a new rule with the following options: Protocol:
      • TCP
      • Host IP Address: 127.0.0.1
      • Host Port: 8443 (Or any unused port over 1024)
      • Gust IP Address: (Web Interface Address)
      • Guest Port: 443
  • Log into the machine with the account credentials that you set earlier
  • Follow the prompts to configure the Web Interface
  • When you reach the Greenbone OS configuration menu, select About. If you do not have a Feed Version shown, wait until it updates
  • On your host, browse to https://127.0.0.1:8443
  • Log in with the web credentials that you set.

How to start a scan?

  • Log into OpenVAS with admin account.
  • Once authenticated, click on scan > tasks.
This image has an empty alt attribute; its file name is scan.png
  • Click on the star icon in the upper left corner and then click New Task.
This image has an empty alt attribute; its file name is new-scan.png
  • An overlay window will appear. In this window, give the new scan a name and comment. Here make appropriate changes to your scanning settings.
This image has an empty alt attribute; its file name is create-scan.png
  • Click on Create to create task.
  • Finally, click on the play button under Actions to start the scan.
This image has an empty alt attribute; its file name is start.png

Related Post

Leave a Reply

Your email address will not be published. Required fields are marked *