Difference between revisions of "OpenVAS"
(remove language suffix from Category:Security (English), see Talk:Table of Contents#English Category Names: Capitalization and Conflict with i18n)
|Line 1:||Line 1:|
Revision as of 20:25, 11 January 2013
OpenVAS stands for Open Vulnerability Assessment System and is a network security scanner with associated tools like a graphical user front-end. The core component is a server with a set of network vulnerability tests (NVTs) to detect security problems in remote systems and applications.
To be able to use OpenVAS you first need to make an OpenVAS user. There are two types of user authentication methods used in OpenVAS - passwords and ssl certificates.
To add a new user run the following with root privileges:
This will prompt you to choose one of the two mentioned methods as a mean of authentification.
You can also remove a user using (also with root privileges):
You can make a new user certificate using (with root privileges):
Before running OpenVAS you should fetch new plugins and the newest security checks:
There is a problem with openvas-nvt-sync updating (this affects the currently available version - 3.0.2-1). To fix it - edit /usr/sbin/openvas-nvt-sync and find the line containing SYNC_TMP_DIR and change it to look like:
SYNC_TMP_DIR=`mktemp -d openvas-nvt-sync.XXXXXXXXXX -t`
To use OpenVAS, you first need to start the OpenVAS server:
To start the OpenVAS client run:
# OpenVAS-Client &
From OpenVAS-Client you will have to connect to the OpenVAS server using the user you previously created.