OpenVAS (Open Vulnerability Assessment System) is an framework of several services and tool with mutually form an effective Vulnerability Scanner. It is an excellent tool for vulnerability scanning. It uses a database of over 28,00000 test plugins. It is a very good alternative for commercial network scanning tools available. OpenVAS is used worldwide by security enthusiasts and security experts. All products of openVAS are a free software and licensed under GPL.
OpnVAS is consists of three parts i.e. OpenVAS Scanner, OpenVAS Manager and OpenVAS CLi.
A. OpenVAS Scanner
- The scanner very efficiently execute real time vulnerability test.
- It can handle more then one target host on a single time.
- OpenVAS Transfer Protocol (OTP) is provided.
- SSL is supported for OTP
B. OpenVAS Manager
- Handles SQL Database where all scanning results and configurations are stored.
- Control scanner via OTP and offers XML based OpenVAS Management Protocol (OMP)
- It can stop, pause or resume scanning operations.
- User management is possible including group level management and access control management.
C. OpenVAS CLI
It is a command line tool and act as Client for OMP, it could be run over Windows or Linux.
We will be using Ubuntu 15.04 for installation example setup.
Install sqlite for OpenVAS manager.
$ sudo apt-get install sqlite3
Install other required packages
$ sudo apt-get -y install python-software-properties
Create PPA repo for OpenVAS
$ sudo add-apt-repository ppa:mrazavi/openvas
$ sudo apt-get update
Install OpenVAS Package
$ sudo apt-get install openvas
Press yes when above screen appear.
$ sudo /etc/init.d/openvas-scanner restart
$ sudo /etc/init.d/openvas-manager restart
$ sudo /etc/init.d/openvas-gsa restart
Before running any test, upgrade network vulnerability tests
$ sudo openvas-nvt-sync
Open Browser and type:
Default user name is ‘admin’, password ‘admin’.
After login Greenbone security assistant portal will open
You have installed OpenVAS successfully.
Scan some ip address
Process can be monitored in action with a click on immediate scan list
Update vulnerability database
$ sudo openvas-nvt-sync
Add a new openvas user
$ sudo openvas-adduser
OpenVAS is a modular security auditing tool. There are several scan configuration profiles like: full and last, very deep or full and fast ultimate etc. You have to be very careful while using various scanning modes, if some threat is detected you can go through various reports generated.