From Fedora Project Wiki
No edit summary |
No edit summary |
||
| Line 4: | Line 4: | ||
* A remote host with various network services (SSH, HTTP, DNS, SMTP ...) is required. For example: a Linux server with OpenSSH, Apache HTTPd, ISC BIND, Postfix or Sendmail. | * A remote host with various network services (SSH, HTTP, DNS, SMTP ...) is required. For example: a Linux server with OpenSSH, Apache HTTPd, ISC BIND, Postfix or Sendmail. | ||
* Open ports of the scanned services in the remote host firewall. | * Open ports of the scanned services in the remote host firewall. | ||
* Ensure | * Ensure that {{package|openvas-scanner}}, {{package|openvas-libraries}}, {{package|openvas-client}} packages are installed. | ||
|actions= | |actions= | ||
# Start OpenVAS scanner: '''/etc/init.d/openvas-scanner''' | # Start OpenVAS scanner: '''/etc/init.d/openvas-scanner''' | ||
Revision as of 07:16, 28 May 2011
Description
Using OpenVAS to scan a hosts or network for vulnerabilities.
Setup
- A remote host with various network services (SSH, HTTP, DNS, SMTP ...) is required. For example: a Linux server with OpenSSH, Apache HTTPd, ISC BIND, Postfix or Sendmail.
- Open ports of the scanned services in the remote host firewall.
- Ensure that
openvas-scanner
How to test
- Start OpenVAS scanner: /etc/init.d/openvas-scanner
- Create a new certificate: openvas-mkcert
- Add a OpenVAS user: openvas-adduser
- Update the NVTs: openvas-nvt-sync
- Restart OpenVAS scanner (take a while for the first time): /etc/init.d/openvas-scanner restart
- Start OpenVAS client: openvas-client (Or System Tools > OpenVAS Client)
- Connect to OpenVAS server with the user created in step 3.
- Create a new scan using the client and wait until it finishes.
- Export the report to a HTML or PDF.
Expected Results
- The scan should finish correctly.
- In the report, you should see the network services being scanned and vulnerabilities reported.