Overview :
• Introduction to OpenVAS
• Configuration and Installation
• Vulnerability Assessment
Introduction to OpenVAS
OpenVAS is the security framework of varieties tools offering a comprehensive and powerful vulnerability scanning & management solution.
1. OpenVAS CLI (Command Line Interface) : It collects command line tools to handle with the OpenVAS services via the respective protocols.
2. Greenbone Security Assistant : It's a lean web service designed with security in mind.
It implements the full functionality offered by OpenVAS Manager.
3. Greenbone Security Desktop : Client for OMP , Qt-based , It's interoperable and has support of Internationalisation (English, German, French).
4. OpenVAS Scanner : The Scanner very efficiently executes the actual Network Vulnerability Tests (NVTs) which are updated daily via the Feed.
5. OpenVAS Manager : It's the central service that consolidates plain vulnerability scanning into a full vulnerability management system.
6. OpenVAS Administrator : It acts as a command line tool or as a full service daemon offering the OpenVAS Administration Protocol (OAP). The most important tasks are the user management and feed management.
7. NVT's : The OpenVAS project maintains a public feed of Network Vulnerability Tests (NVTs). It contains more than 35,000 NVTs (as of April 2014), growing on a daily basis.
8. Result’s Configurations : It stores all the configurations of VAR in the database for maintenance.
Configuration and Installation of OpenVAS
If you haven’t already, make sure your Kali is up-to-date and install the latest OpenVAS. Once done, run the openvas-setup command to setup OpenVAS, download the latest rules, create an admin user, and start up the various services. Depending on your bandwidth and computer resources, this could take a while. Command for installation in Linux as shown below : openvas-setup
Command for listening addresses of openvas as shown below : netstat –antp
For starting the OPENVAS type command as shown below : openvas-start
Once openvas-setup completes its process, the OpenVAS manager, scanner, and GSAD services should be listening
Point your browser to https://127.0.0.1:9392 , accept the self signed SSL certificate and plugins the credentials for the admin user. The admin password was generated during the setup phase
That’s it! Now OpenVAS is ready for you to configure it and run a scan against a given IP or range.
Security Vulnerability Assessment
Point your browser to https://127.0.0.1:9392, accept the self signed SSL certificate and plugins the credentials for the admin user. The admin password was generated during the setup phase
************************************************************
Username: admin
Password: The admin password was generated during the setup phase
************************************************************
Quick start: Immediately scan an IP address
IP address or hostname: 127.0.0.1 or localhost
Thank you
Happy Hacking
Vineet Bharadwaj is the Founder of this Website. He is a Security Researcher, Pentration Tester and Certified Ethical Hacker with experience in various aspects of Information Security and Co author in "hakin9.org IT Security Magazine" n "E-forensics Magazine" and Author of Ebook "Wireshark: The packet sniffer" Also Got listed In many Big companies site's Hall Of Fame Other then He is a SEO expert,Web Analytic Expert, Blogger, Web Developer n Designer, Social Media Marketing. His all efforts is to make internet more Secure.
ConversionConversion EmoticonEmoticon