OpenVas - Open source Vulnerability scanner

-

 

 


OpenVAS, short for Open Vulnerability Assessment System, is an open-source network security scanner used for vulnerability assessment and management. It was first released in 2005 as a fork of the popular Nessus scanner and has since become one of the most widely used vulnerability scanners among security professionals and network administrators.

OpenVAS works by conducting comprehensive vulnerability scans of network devices, servers, and web applications. It uses a large database of vulnerability tests and checks for known vulnerabilities, misconfigurations, and security weaknesses. Here are some of the key features of OpenVAS:

  1. Comprehensive Scanning: OpenVAS is capable of conducting thorough scans of a wide range of network devices and applications, including servers, workstations, web applications, and databases.

  2. Extensive Vulnerability Database: OpenVAS has a vast database of vulnerability tests that can detect known vulnerabilities, misconfigurations, and security weaknesses in network devices and applications.

  3. Customizable Scan Policies: OpenVAS allows users to customize scan policies and configure the tool to meet their specific needs. This includes setting scan schedules, defining targets, and adjusting scan intensity.

  4. Reporting and Remediation: OpenVAS provides detailed vulnerability reports that highlight the specific vulnerabilities and risks detected during scans. The tool also provides recommendations and remediation steps to help users fix identified issues.

  5. Integration: OpenVAS integrates with a wide range of other security tools and services, including the Security Content Automation Protocol (SCAP), which allows users to share and exchange vulnerability data.

Overall, OpenVAS is a powerful and versatile tool for conducting vulnerability assessments and managing network security. However, it requires some technical expertise to use effectively, and it is important to ensure that it is used ethically and responsibly.

Nn kali openvas is not present by default. We have to install it manually, for installing openvas open a terminal and enter


apt install openvas

to open openvas

Goto Applications >> Vulnerability Analysis >> openvas start 

 
 
 
login with your username and password, the default username is admin and the default password is created at the end of installation. If you missed the password just reset it by using the command
openvasmd --user=admin –new-password=admin123 ( give your desired password)


After logging in the dashboard will look like below image

 
For creating new scan project first we have to create a task. For task creation
Goto configuration >> Target 
 
 
click on the tab with a star symbol on the left side 
 



Here we can create our target or target list. We can give a name for our target, can select from manual or we can give a list file containing all the ip’s we want to scan. Note one thing the ip’s should be in the order of one by one in the text file. Rest of the options keep it default. If you want a limited port scan then make the changes according to the scan and click on create. the created task will be listed on the target page.


For starting a scan
Goto scans >> Tasks



click on the tab with a star symbol on the left side
Here give a name for the scan task. In the scan targets field select the name we gave for the targets we created. All the targets we created will be listed in the scan target entry. In the scan config field we can chose the intensity and depth of the scan. If we need a fast and not so depth scan select the full and fast. If we need a indepth scan result select the full and very deep ultimate option, it is a bit slow but it scans for almost all NVT’s in the database. Then click on create on creating the scan. 
 
The created task will be listed in the scan page. Click on the play button to start the scan.
 
 
We can see the scan progress in the status tab.when the scan is finished we can see the reports in the reports section .
Goto scans >> Reports

For seeing the detailed report click on the entry under the date it will show the detailed report.click on each entry it will expand more giving us exactly what the vulnerability is and what is the remediation method.
 
We can download the reports in various format for that click on the dropdown menu near to dashboard select the format in which we want our report to be downloaded. Click on the download button to download our report.

 

 

Comments

Post a Comment

Popular posts from this blog

Red Teaming - A comprehensive approach

-
Image
        Red teaming is a comprehensive and systematic approach to testing the security of an organization's systems, networks, and physical facilities. It is a proactive approach that helps organizations identify and mitigate potential security risks by simulating real-world attack scenarios. The objective of red teaming is to identify vulnerabilities, weaknesses, and gaps in an organization's security posture and to help the organization improve its security defenses. Red teaming typically involves a team of experienced security professionals who are given the task of testing an organization's security. These professionals use a variety of techniques, tools, and methodologies to simulate different types of attacks, including social engineering, physical security breaches, network and application attacks, and other methods commonly used by hackers and other threat actors. The goal of a red team is to replicate the tactics, techniques, and procedures of real-w
Read more

During an internal network audit, you are asked to see if there is any RPC server running on the network and if found, enumerate the associate RPC services. Which port would you scan to determine the RPC server and which command will you use to enumerate the RPC services?

-
During an internal network audit, you are asked to see if there is any RPC server running on the network and if found, enumerate the associate RPC services. Which port would you scan to determine the RPC server and which command will you use to enumerate the RPC services? Port 111, rpcinfo Port 111, rpcenum Port 145, rpcinfo Port 145, rpcenum
Read more