Its an open source vulnerability scanner based on Nessus. Very useful in home and small scale companies to implement and check the system, network and devices vulnerabilities.
2. Learning Objective
• Understand the importance ofVulnerability Assessment (VA).
• Explain how OpenVAS is used forVA.
• Understand the logical architecture of OpenVAS framework.
• ConductVA using OpenVAS.
• Evaluate the purpose and value of OpenVAS report.
• Determine how to mitigate vulnerabilities.
OpenVAS_Group4_Chandrak-Melbin 2
5. OpenVAS
Benefits
• Open Source and uses
NessusV2 as its plugin
engine.
• Compatible with different
Operating System.
• Keeps a history of past scans.
Limitations
• False negatives may be
reported.
• Determine/find less
vulnerabilities as compared is
Nexpose or Nessus.
• Requires 2-3 services to
perform vulnerability
assessment.
OpenVAS_Group4_Chandrak-Melbin 5
6. An overview of OpenVAS
The OpenVulnerabilityAssessment Scanner known more commonly as OpenVAS, is a suite of tools
that work together to run tests against client computers using a database of known exploits and
weaknesses.The goal is to learn about how well your servers are guarded against known attack
vectors
OpenVAS is be used as VULNERALABILITYASSESSMENT tool and but also can be used as
PENETRATIONTESTING tool.
OpenVAS_Group4_Chandrak-Melbin 6
8. Clients Components
• OpenVAS CLI: is a set of tools that allow administration of
OpenVAS through the shell.
• Greenbone Security Assistant: is a web-based tool with an
intuitive interface for variousVA that you are making.
• Greenbone Desktop Security: is the tool that allows us to
manage everything through the GUI interface on the desktop.
OpenVAS_Group4_Chandrak-Melbin 8
9. Services Components
• OpenVAS Scanner: is the component that allows us the scan of
hostname/ip, port range “from-to” or entire networks such as
“192.168.1.0/28”.
• OpenVAS Manager: is the heart of OpenVAS, the manager receives
task/information from the OpenVAS Administrator and the various
administration tools CLI/WEB/GUI, then use the OpenVAS Scanner that will
perform theVulnerability Assessment. Also includes component that
processes the results of the scans, so it also generates the final report.
• OpenVAS Administrator: is the component through which users can
manage and the feed (i.e. the updates).
OpenVAS_Group4_Chandrak-Melbin 9
10. Data Components
• NVT’s: it is the container of feed, i.e. test cases that detect the
vulnerabilities, which are currently over 20,000.
• Results, config: is the database (PostgreSQL) where reports are
collected and where the entire configuration of OpenVAS is
stored.
OpenVAS_Group4_Chandrak-Melbin 10
13. Step 1: Setting up Kali forVulnerability
Scanning
https://www.kali.org/penetration-testing/openvas-vulnerability-scanning/
OpenVAS_Group4_Chandrak-Melbin 13
14. Step 1: Starting the OpenVAS services
• Once openvas-setup completes its process, the OpenVAS manager, scanner, and GSAD
services should be listening:
• If you have already configured OpenVAS, you can simply start all the necessary services
by running openvas-start.
OpenVAS_Group4_Chandrak-Melbin 14
15. Step 1: Connecting to the OpenVASWeb
Interface
• Point your browser to https://127.0.0.1:9392, accept the self signed SSL certificate and plugin
the credentials for the admin user.The admin password was generated during the setup phase.
OpenVAS_Group4_Chandrak-Melbin 15
49. Step 4: Export report ofVA conducted
• Explanation on Exporting the scanned target vulnerabilities into
file.
• Different extension are possible to export like .pdf, .xml etc.
• PDF will be used to submit to your higher management.
• XML can be used to import in Metasploit for doing pen testing.
• Also you can study by just clicking the vulnerability.
OpenVAS_Group4_Chandrak-Melbin 49
53. Exploitation onVulnerable System
• Using NVTs, CVEs and Metasploit
• Video on Denial of Service (DOS) on scanned results.
OpenVAS_Group4_Chandrak-Melbin 53
54. Windows XP – No Firewall and Updates
OpenVAS_Group4_Chandrak-Melbin 54
55. Windows XP - No Firewall and Updates
OpenVAS_Group4_Chandrak-Melbin 55