From Fedora Project Wiki
No edit summary |
No edit summary |
||
(17 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
{{QA/Test_Case | {{QA/Test_Case | ||
|description= | |description=This test case tests the ability of OpenVAS to scan a host or network for vulnerabilities. | ||
|setup= | |setup= | ||
* A remote host with various network services (SSH, HTTP, DNS, SMTP ...). | * A remote host with various network services (SSH, HTTP, DNS, SMTP ...) is required. For example: a Linux server with OpenSSH, Apache HTTPd, ISC BIND, Postfix or Sendmail. | ||
For example: a Linux server with OpenSSH, Apache HTTPd, ISC BIND, Postfix or Sendmail . | * Open ports of the scanned services in the remote host firewall. | ||
* | * Ensure that {{package|openvas-scanner}}, {{package|openvas-libraries}}, {{package|openvas-client}} packages are installed. | ||
|actions= | |actions= | ||
# Start | # Start OpenVAS scanner: {{command| /etc/init.d/openvas-scanner start}} | ||
# | # Create a new certificate: {{command|openvas-mkcert}} | ||
# | # Add a OpenVAS user: {{command|openvas-adduser}} | ||
# Update the NVTs: {{command|openvas-nvt-sync}} | |||
# Restart OpenVAS scanner (take a while for the first time): {{command|/etc/init.d/openvas-scanner restart}} | |||
# Start OpenVAS client: {{command|openvas-client}} (or System Tools > OpenVAS Client) | |||
# Connect to OpenVAS server with the user created in step 3. | |||
# Create a new scan using the client and wait until it finishes. | |||
# Export the report to HTML or PDF. | |||
|results= | |results= | ||
The | # The scan should finish correctly. | ||
# | # In the report, you should see the network services being scanned and vulnerabilities reported. | ||
}} | }} |
Latest revision as of 22:22, 28 May 2011
Description
This test case tests the ability of OpenVAS to scan a host or network for vulnerabilities.
Setup
- A remote host with various network services (SSH, HTTP, DNS, SMTP ...) is required. For example: a Linux server with OpenSSH, Apache HTTPd, ISC BIND, Postfix or Sendmail.
- Open ports of the scanned services in the remote host firewall.
- Ensure that
openvas-scanner
,openvas-libraries
,openvas-client
packages are installed.
How to test
- Start OpenVAS scanner:
/etc/init.d/openvas-scanner start
- Create a new certificate:
openvas-mkcert
- Add a OpenVAS user:
openvas-adduser
- Update the NVTs:
openvas-nvt-sync
- Restart OpenVAS scanner (take a while for the first time):
/etc/init.d/openvas-scanner restart
- Start OpenVAS client:
openvas-client
(or System Tools > OpenVAS Client) - Connect to OpenVAS server with the user created in step 3.
- Create a new scan using the client and wait until it finishes.
- Export the report to HTML or PDF.
Expected Results
- The scan should finish correctly.
- In the report, you should see the network services being scanned and vulnerabilities reported.