Shulou(Shulou.com)06/01 Report--

Since Nessus is no longer open source, many "homegrown" vulnerability scanners have not been updated. Many friends still prefer open source software, so today I will bring you a new, open source vulnerability assessment system: OpenVAS.

I noticed OpenVAS several years ago, but to tell you the truth: OpenVAS configuration is still troublesome, far less humanized than Nessus. However, a few days ago, when the Ranger mentioned in the group that OpenVAS did not have a virtual machine to facilitate testing, a friend said: now there is! OK, that would be much easier!

The virtual machine version is called Greenbone Security Manager (GSM) Community Edition and can be run under VirtualBox, ESXi, and Hyper-V. Of course, the Ranger has tested VMware Workstation, and it can also be run! After all, most computers run the same way.

GSM Community Edition Version: 4.0.5 (corresponds to OpenVAS-9)

Download OpenVAS: http://dl.greenbone.net/download/VM/gsm_ce_4.0.5.iso (340 MByte)

As you can see, only 340MB! A 100m broadband like mine can be downloaded in a minute.

Sha256sum: 260e57d693bdfd1db55e41555ffde346f823d79235c8f4a40e19aa888060c425

Virtual machine configuration: 2 CPU Cores, 2 GByte RAM. The following picture shows my configuration in VMware Workstation. If you are using other virtual machines, it is more or less the same.

I really don't want to say any more about installation. Because: this gsm_ce_4.0.5.iso actually compresses the OpenVAS. At first, the waiting time was a little long. Within about 10 minutes, the Ranger thought there was a problem. Then he went to the window and had a cup of tea. Come and find it.

Then simply configure the basic information, such as IP address, subnet mask, gateway address, DNS server, and Web account. I think, smart you certainly do not need me to write these long words here!

A few simple screenshots:

Setup:

Maintenance:

Advanced:

In fact, the main configuration is the first option, which is Setup. After configuring the basic information, you can open the browser and log in! One thing to note is that the login address is https, not http.

In the upper-left corner of the "Scan → Tasks" interface, click the purple magic wand or the blue white star icon to start a scan task (I feel that what is done here is not human enough, so it can be more intuitive):

You can see an overview of the scan in "Scans → Dashboard" in a moment; here's "Scans → Reports" to take a look at the report:

The following three lines are reports of the three scanning tasks that have been opened. Ranger here is only to introduce the basic operation of OpenVAS, more functions still need to be excavated, and you are welcome to share your research on OpenVAS with me! (Wechat: cnbrian)

Author: Zhang Baichuan (Internet Ranger) www.youxia.org reprint, please indicate the source! Thank you

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.