From ArchWiki
Revision as of 09:38, 4 July 2010 by Pootzko (talk | contribs)
Jump to: navigation, search


OpenVAS stands for Open Vulnerability Assessment System and is a network security scanner with associated tools like a graphical user front-end. The core component is a server with a set of network vulnerability tests (NVTs) to detect security problems in remote systems and applications.


Currently OpenVAS is available through the AUR.

Installing it will also provide you with OpenVAS client and libraries.

Managing users

There are two types of user authentication methods used in OpenVAS - passwords and ssl certificates.

After installation you must first make an OpenVAS user. To add a new user run the following with root privileges:

# openvas-adduser

This will also ask you if you want to use password or certificate as a mean of authentification.

You can also remove a user using (also with root privileges):

# openvas-rmuser

You can make a new user certificate using (with root privileges):

# openvas-mkcert


Before running OpenVAS you should fetch new plugins and the newest security checks:

# openvas-nvt-sync

Currently there is a problem with openvas-nvt-sync updating (at least with the packet installable through the AUR). To fix it - edit /usr/sbin/openvas-nvt-sync and find the line containing SYNC_TMP_DIR and change it to look like:

# SYNC_TMP_DIR=`mktemp -d openvas-nvt-sync.XXXXXXXXXX -t`

Running OpenVAS

To use OpenVAS, first you need to start OpenVAS server:

# openvassd

To start the OpenVAS client run:

# OpenVAS-Client &

See Also