Kategorie:Greenbone
Greenbone Vulnerability Manager - Modulares Sicherheits-Audit-Tool
Beschreibung
- Greenbone Vulnerability Manager ist ein modulares Sicherheits-Audit-Tool
- Entfernte Systeme auf Schwachstellen testen
- Das Tool trug früher den Namen OpenVAS
What is OpenVAS?
OpenVAS is an open-source vulnerability scanner. OpenVAS started under the name of GNessUs, a fork of the previously open-source Nessus scanning tool (which costs you money now). OpenVAS is also under the GNU General Public License (GPL).
I personally used this software in many different kinds of assessments and was always satisfied with the results I got (keeping in mind that it is completely free).
Of course, tools like Nessus and NeXpose are more feature-rich, but they come with a high price tag too.
For starters, OpenVAS is simply perfect and gives you a good idea of how a vulnerability scanner works. I also found it very intuitive to work with.
So without further ado, let’s dive right into the installation.
OpenVAS, an endpoint scanning application and web application used to identify and detect vulnerabilities. It is widely used by companies as part of their risk mitigation solutions to quickly identify gaps in their production and even development servers or applications. This is not a complete solution, but it can help you fix common security vulnerabilities that may not be discovered.
The condition of Greenbone mode is open (APEVALV) from infected chemistry (GVM) of the quality of the storage and the GitHub area. it is used in the Greenbone Security Manager device and is a comprehensive scan. An engine that runs an advanced and constantly updated Network Vulnerability Test Package (NVT).
Installation
siehe Greenbone Security Manager/Installation
Anwendungen
First Scan
Now it’s time to run our first scan.
As this is just the installation part I won’t go into details, but I will show you quickly how to run your first scan. There will be more articles covering OpenVAS and we will continue looking into all of the different options we have and how to process scan results.
So the easiest way is simply to Navigate to Scans / Tasks and click on the little Magic Wand icon and start the Task Wizard.
"Install OpenVAS on Kali Linux"
Now you can enter either a single IP, a whole subnet, a range of IP Addresses, or a domain.
This will start a default-depth scan. Depending on the scale of the Network you want to scan this can take from a few minutes up to several hours or even days if the network is large enough and you choose a deep scan.
This and more will be covered in the next article for OpenVAS, which is coming soon.
Configuration for a new target
Begin by navigating to Scans > Tasks and clicking on the purple magic wand icon to begin the basic configuration wizard. After successfully navigating to the wizard, you should see a pop-up window similar to the one shown above. You can set up the initial scan of the local host here to make sure everything is set up correctly.
Scanning may take a while. Please allow OpenVAS enough time to complete the scan. You will then see a new dashboard for monitoring and analyzing your completed and ongoing scans, as shown below.
Schedule the scanning process
Now that we know everything is normal, we can take a closer look at OpenVAS and how it works. Expand the car to scan and> start the task of creating a scan task for the managed computer.
Creating a Task
To create a custom task, navigate to the star icon in the upper right corner of the taskbar and select New task.
After selecting ” New Task” from the drop-down menu, you will see a large pop-up window with many options. We will introduce each option part and its purpose.
For this task, we’ll be specializing only in the Name, Scan Targets, and Scanner Type, and Scan Config. In later tasks, we will be focusing on the opposite choices for additional advanced configuration and implementation/automation.
- Name: permits North American country to line the name the scan are going to be referred to as inside OpenVAS
- Scan Targets: The targets to scan, can embrace Hosts, Ports, and Credentials. to make a brand new target you may follow another pop-up, this can be lined later during this task.
- Scanner: The scanner to use by default will use the OpenVAS design but you’ll be able to set this to any scanner of your selecting within the settings menu.
- Scan Config: OpenVAS has seven totally different scan sorts you can choose from and can be used supported however you’re aggressive or what info you wish to gather from your scan.
Scoping a New Target
To scope a new target, navigate to the star icon next to Scan Targets.
Above is that the menu for configuring a replacement target. the 2 main choices you may have to be compelled to assemble are the Name and therefore the Hosts. This procedure is fairly uncomplicated and different options will solely be employed in advanced vulnerability management solutions. These are going to be lined in later tasks.
Now that we’ve got our target scoped we are able to still produce our task and start the scan. When the task is created, you’ll come to the scanning management panel, wherever you’ll track and execute the task. To run the task, navigate to the run icon within the operation.
Assets
It permits visualizing the vulnerability of the parts akin to hosts or in operation systems:
Additional features
Allow adding common parameters to OpenVAS:
Administration
As the name suggests, you can manage passwords, users, etc.:
Konfiguration
siehe Greenbone Security Manager/Konfiguration
Sicherheit
Dokumentation
RFC
Man-Pages
Info-Pages
Siehe auch
Links
Projekt
Weblinks
Einzelnachweise
Testfragen
Testfrage 1
Testfrage 2
Testfrage 3
Testfrage 4
Testfrage 5
TMP
OpenVAS Usage Examples
Before trying to do anything with OpenVAS, you must first run the setup script, appropriately named openvas-setup. At the end of the (very long) setup process, the automatically created password will be displayed to you. Save the password somewhere safe.
# openvas-setup ERROR: Directory for keys (/var/lib/openvas/private/CA) not found! ERROR: Directory for certificates (/var/lib/openvas/CA) not found! ERROR: CA key not found in /var/lib/openvas/private/CA/cakey.pem ERROR: CA certificate not found in /var/lib/openvas/CA/cacert.pem ERROR: CA certificate failed verification, see /tmp/tmp.YpvirUZgxc/openvas-manage-certs.log for details. Aborting. ERROR: Your OpenVAS certificate infrastructure did NOT pass validation. See messages above for details. Generated private key in /tmp/tmp.XwwD8IOl5u/cakey.pem. Generated self signed certificate in /tmp/tmp.XwwD8IOl5u/cacert.pem. Installed private key to /var/lib/openvas/private/CA/cakey.pem. Installed certificate to /var/lib/openvas/CA/cacert.pem. Generated private key in /tmp/tmp.XwwD8IOl5u/serverkey.pem. Generated certificate request in /tmp/tmp.XwwD8IOl5u/serverrequest.pem. [...] znc_detect.nasl znc_detect.nasl.asc zone_alarm_local_dos.nasl zone_alarm_local_dos.nasl.asc OpenVAS community feed server - http://www.openvas.org/ This service is hosted by Greenbone Networks - http://www.greenbone.net/ All transactions are logged. If you have any questions, please use the OpenVAS mailing lists or the OpenVAS IRC chat. See http://www.openvas.org/ for details. By using this service you agree to our terms and conditions. Only one sync per time, otherwise the source ip will be blocked. receiving incremental file list ./ COPYING 1,493 100% 1.42MB/s 0:00:00 (xfr#1, to-chk=84/86) COPYING.asc 181 100% 176.76kB/s 0:00:00 (xfr#2, to-chk=83/86) nvdcve-2.0-2002.xml ... sha1sums 2,002 100% 2.34kB/s 0:00:00 (xfr#33, to-chk=2/36) timestamp 13 100% 0.02kB/s 0:00:00 (xfr#34, to-chk=1/36) timestamp.asc 181 100% 0.21kB/s 0:00:00 (xfr#35, to-chk=0/36) sent 719 bytes received 41,272,464 bytes 398,774.71 bytes/sec total size is 41,260,051 speedup is 1.00 /usr/sbin/openvasmd User created with password 'xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxx'.
- After the setup completes, you will find two listening TCP ports
- 9390 and 9392
Port 9392 is likely the one of most interest to you as it is the web interface for OpenVAS. You can open the web interface using your browser of choice.
# ss -lnt4 State Recv-Q Send-Q Local Address:Port Peer Address:Port LISTEN 0 128 127.0.0.1:9390 *:* LISTEN 0 128 127.0.0.1:9392 *:* # firefox https://127.0.0.1:9392
Despite reminding people to save the default password generated during setup, it still sometimes gets misplaced. Fortunately, the “openvasmd” utility can be used to create and remove users as well as reset their passwords.
root@kali:~# openvasmd --create-user=dookie User created with password 'yyyyyyyy-yyyy-yyyy-yyyy-yyyyyyyyyy'. root@kali:~# openvasmd --get-users admin dookie root@kali:~# openvasmd --user=dookie --new-password=s3cr3t root@kali:~# openvasmd --user=admin --new-password=sup3rs3cr3t
OpenVAS signatures can be updated with the “openvas-feed-update” utility.
root@kali:~# openvas-feed-update Updating OpenVas Feeds OpenVAS community feed server - http://www.openvas.org/ This service is hosted by Greenbone Networks - http://www.greenbone.net/ All transactions are logged. If you have any questions, please use the OpenVAS mailing lists or the OpenVAS IRC chat. See http://www.openvas.org/ for details. [...]
Verify the certificates that are configured for OpenVAS.
root@kali:~# openvas-manage-certs -V OK: Directory for keys (/var/lib/openvas/private/CA) exists. OK: Directory for certificates (/var/lib/openvas/CA) exists. OK: CA key found in /var/lib/openvas/private/CA/cakey.pem OK: CA certificate found in /var/lib/openvas/CA/cacert.pem OK: CA certificate verified. OK: Certificate /var/lib/openvas/CA/servercert.pem verified. OK: Certificate /var/lib/openvas/CA/clientcert.pem verified. OK: Your OpenVAS certificate infrastructure passed validation.
Seiten in der Kategorie „Greenbone“
Folgende 10 Seiten sind in dieser Kategorie, von 10 insgesamt.