OpenVAS is a framework of several services that together provide a powerful vulnerability scanning and management solution. The framework is part of Greenbone Networks’ commercial vulnerability management solution, from which developments have been contributed to the Open Source community since 2009.

This blog is divided into two parts: Installation and Configuration of OpenVAS 9 on Ubuntu 16.04.

Installation

Installing OpenVAS is simple. You need an Ubuntu 16.04 machine with all packages updated. Install the packages required for OpenVAS 9 first:

  • sudo apt-get install python-software-properties sqlite3 software-properties-common -y

Next, add the OpenVAS repository and update your machine:

  • sudo add-apt-repository ppa:mrazavi/openvas
  • sudo apt-get update

Install the OpenVAS 9 package using the following command:

  • sudo apt-get install openvas9

Greenbone maintains a public feed of Network Vulnerability Tests (NVTs) for the OpenVAS project. It contains more than 50,000 NVTs and keeps growing. This feed is configured as the default for OpenVAS. You need to update the NVT feed and all other necessary feeds:

  • sudo greenbone-nvt-sync
  • sudo greenbone-scapdata-sync
  • sudo greenbone-certdata-sync

Now that OpenVAS 9 is installed on your machine with up-to-date NVTs and all other required feeds, start the OpenVAS services:

  • sudo service openvas-scanner restart
  • sudo service openvas-manager restart
  • sudo openvasmd --rebuild --progress

To add extra features like PDF reporting in OpenVAS, use the following commands:

  • sudo apt-get install texlive-latex-extra --no-install-recommends
  • sudo apt-get install texlive-fonts-recommended

To access OpenVAS in a browser, go to https://serverip:4000 and log in using the default username “admin” and password “admin”.

Configuration

Now that you have OpenVAS 9 up and running, let’s add some servers to scan for vulnerabilities.

To quickly add a server for scanning, click on “Scans → Tasks → Task Wizard” from the menu.

Fig. 1

Add an IP address in the field and click on “Start Scan”. This triggers an immediate scan of that server, and you can see the result once the scan is done under “Scans → Reports”.

Fig. 2

To export the report into the desired format, click on “Report Name → Select the format → Export”.

Fig. 3

To view the vulnerabilities that have been captured during a scan, go to “Scans → Results”.

Fig. 4

This way you can scan servers in OpenVAS for vulnerabilities and export the reports.

Conclusion

This blog covers some basic configuration for scanning with OpenVAS. There is much more you can do using OpenVAS. It is the best tool out there for network scanning and for finding vulnerabilities on our server. Information sources:

  1. Openvas
  2. Installation
