OpenVAS and Fedora

OpenVAS is available from the Fedora Package Collection for some releases now. If you don’t want to install OpenVAS, you can try the Fedora Security Lab. Using OpenVAS is an easy way to test how vulnerable systems are. Of course, if you are a paranoid user, you will say: “My system is encapsulate from the rest of the world, not network connection available!”. Not much fun to read e-mails this way…nowadays most computers are connected to a network.

The very first step is to install OpenVAS. If you are running the Fedora Security Lab no installation is needed. Otherwise, use yum or the package management frontend of your choice.

After the installation the OpenVAS feeds needs to be imported.

Certificate creation is done now.

And now the certificates are ready.

For the OpenVAS server login, create an OpenVAS user.

Now it’s time to start the OpenVAS server. Be aware it will take some time because 29000 plugins are loaded.

Now you can start the OpenVAS client from the command line or from the menu.

OpenVAS Main

Now it’s time for the connection to the server. Press the “Connect” icon. In the Login

OpenVAS Login

This will take a huge amount of time because the client loads all plugins.

OpenVAS Plugins

After the connection to the OpenVAS server is established, launch the “Scan Assistant”. Give the upcoming task a name and a description if preferred. When you are finish, press “Forward”.

Scan Assistant Start

The next point is the scope. When you are finish, press “Forward”.

OpenVAS Scope

In the third step is about the target. In this example I just test a router. When you are finish, press “Forward”.

OpenVAS Target

Press “Execute”.

OpenVAS Execute

The tests against the target starts now. A portscan is initiated and the checks for details is processed.

OpenVAS Test

After a while the scan is done and the report is available.

OpenVAS Report

If you are going to read the report, you will see that some details could be gained with standard POSIX tools too but with OpenVAS it’s much more comfortable.

This entry was posted in Fedora, Security. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.