Difference between revisions of "OpenVAS"

From ArchWiki
Jump to: navigation, search
m
(10 intermediate revisions by 3 users not shown)
Line 1: Line 1:
 +
[[Category:Networking]]
 +
[[Category:Security]]
 +
[[ja:OpenVAS]]
 
{{stub}}
 
{{stub}}
 
==Overview==
 
==Overview==
Line 5: Line 8:
 
==Installation==
 
==Installation==
  
Currently [http://aur.archlinux.org/packages.php?ID=33721 OpenVAS] is available through the [[AUR]].
+
Currently, [https://aur.archlinux.org/packages.php?ID=33721 OpenVAS] is available through the [[AUR]].
  
Installing it will also provide you with OpenVAS [http://aur.archlinux.org/packages.php?ID=22948&O=&L=&C=&K=&SB=&SO=&PP=&do_Orphans=&SeB= client] and [http://aur.archlinux.org/packages.php?ID=22944&O=&L=&C=&K=&SB=&SO=&PP=&do_Orphans=&SeB= libraries].
+
Installing it will also provide you with OpenVAS [https://aur.archlinux.org/packages.php?ID=22948&O=&L=&C=&K=&SB=&SO=&PP=&do_Orphans=&SeB= client] and [https://aur.archlinux.org/packages.php?ID=22944&O=&L=&C=&K=&SB=&SO=&PP=&do_Orphans=&SeB= libraries].
  
 
==Managing users==
 
==Managing users==
There are two types of user authentication methods used in OpenVAS - passwords and ssl certificates.
+
To be able to use OpenVAS you first need to make an OpenVAS user. There are two types of user authentication methods used in OpenVAS - passwords and ssl certificates.
  
After installation you must first make an OpenVAS user. To add a new user run the following with root privileges:
+
To add a new user run the following with root privileges:
 
  # openvas-adduser
 
  # openvas-adduser
This will also ask you if you want to use password or certificate as a mean of authentification.
+
This will prompt you to choose one of the two mentioned methods as a mean of authentification.
  
 
You can also remove a user using (also with root privileges):
 
You can also remove a user using (also with root privileges):
Line 26: Line 29:
 
  # openvas-nvt-sync
 
  # openvas-nvt-sync
  
Currently there is a problem with openvas-nvt-sync updating (at least with the packet installable through the [[AUR]]). To fix it - edit /usr/sbin/openvas-nvt-sync and find the line containing SYNC_TMP_DIR and change it to look like:
+
There is a problem with openvas-nvt-sync updating (this affects the currently available version - 3.0.2-1). To fix it - edit /usr/sbin/openvas-nvt-sync and find the line containing SYNC_TMP_DIR and change it to look like:
  # SYNC_TMP_DIR=`mktemp -d openvas-nvt-sync.XXXXXXXXXX -t`
+
  SYNC_TMP_DIR=`mktemp -d openvas-nvt-sync.XXXXXXXXXX -t`
  
 
==Running OpenVAS==  
 
==Running OpenVAS==  
To use OpenVAS, first you need to start OpenVAS server:
+
To use OpenVAS, you first need to start the OpenVAS server:
 
  # openvassd
 
  # openvassd
  
 
To start the OpenVAS client run:
 
To start the OpenVAS client run:
 
  # OpenVAS-Client &
 
  # OpenVAS-Client &
 +
 +
From OpenVAS-Client you will have to connect to the OpenVAS server using the user you previously created.
  
 
==See Also==
 
==See Also==
 
* [http://www.openvas.org/ OpenVAS] Official OpenVAS website.
 
* [http://www.openvas.org/ OpenVAS] Official OpenVAS website.
 
* [http://www.openvas.org/compendium/openvas-compendium.html OpenVAS Compendium] A Publication of the OpenVAS Project.
 
* [http://www.openvas.org/compendium/openvas-compendium.html OpenVAS Compendium] A Publication of the OpenVAS Project.

Revision as of 20:25, 11 January 2013

Tango-document-new.pngThis article is a stub.Tango-document-new.png

Notes: please use the first argument of the template to provide more detailed indications. (Discuss in Talk:OpenVAS#)

Overview

OpenVAS stands for Open Vulnerability Assessment System and is a network security scanner with associated tools like a graphical user front-end. The core component is a server with a set of network vulnerability tests (NVTs) to detect security problems in remote systems and applications.

Installation

Currently, OpenVAS is available through the AUR.

Installing it will also provide you with OpenVAS client and libraries.

Managing users

To be able to use OpenVAS you first need to make an OpenVAS user. There are two types of user authentication methods used in OpenVAS - passwords and ssl certificates.

To add a new user run the following with root privileges:

# openvas-adduser

This will prompt you to choose one of the two mentioned methods as a mean of authentification.

You can also remove a user using (also with root privileges):

# openvas-rmuser

You can make a new user certificate using (with root privileges):

# openvas-mkcert

Updating

Before running OpenVAS you should fetch new plugins and the newest security checks:

# openvas-nvt-sync

There is a problem with openvas-nvt-sync updating (this affects the currently available version - 3.0.2-1). To fix it - edit /usr/sbin/openvas-nvt-sync and find the line containing SYNC_TMP_DIR and change it to look like:

SYNC_TMP_DIR=`mktemp -d openvas-nvt-sync.XXXXXXXXXX -t`

Running OpenVAS

To use OpenVAS, you first need to start the OpenVAS server:

# openvassd

To start the OpenVAS client run:

# OpenVAS-Client &

From OpenVAS-Client you will have to connect to the OpenVAS server using the user you previously created.

See Also