Shulou(Shulou.com)06/01 Report--

Introduction to OpenVAS

OpenVAS (Open Vulnerability Assessment System) is an open vulnerability assessment system, and its core is a server. The server includes a set of network vulnerability testing programs that can detect security problems in remote systems and applications. OpenVAS is different from traditional vulnerability scanning software. All OpenVAS software is free and uses some open plug-ins from earlier versions of Nessus (a powerful web scanning tool). Although Nessus is powerful, the tool is not open source, and the features of the free version are limited.

Note: the OpenVAS server only supports installation of the Linux operating system. However, the client supports Windows and Linux systems.

Install OpenVAS

Official download address: http://www.openvas.org/install-packages.html.

Environmental preparation:

1. Operating system: Ubuntu16.04

two。 Turn off the firewall and Sexlinux

3. Configure the DNS server

4. Configure Internet agents to ensure normal access to the Internet

5. Configure the apt-get update source and add the following information:

Deb http://mirrors.aliyun.com/kali kali-rolling main non-free contribdeb http://mirrors.aliyun.com/kali-security/ kali-rolling/updates main contrib non-freedeb-src http://mirrors.aliyun.com/kali-security/ kali-rolling/updates main contrib non-free

(1) Update the package list:

Hbgslz@openvas:~$ sudo apt-get update # update software

After executing the above command, you will get a list of the most recent packages.

(2) get the latest software package:

Hbgslz@openvas:~$ sudo apt-get dist-upgrade # downloads and installs updatable packages

(3) install the OpenVAS tool:

Hbgslz@openvas:~$ sudo apt-get install openvas

Configure the OpenVAS service

After the OpenVAS tool is installed successfully, you need to make some configuration before you can use it.

(1) download and update OpenVAS library:

Hbgslz@openvas:~$ sudo openvas-setup

This process takes a very long time, please make sure the network is normal and wait patiently, the length of time is determined by the network bandwidth.

From the output information, you can see that the certificate was created, all the scanning plug-ins were downloaded and updated, and so on. During this update, a user named admin will be created and a secret key will be automatically generated.

(2) when the OpenVAS library is updated, a password is automatically created for the admin user. However, the password is long, so it is not easy to remember. To facilitate the user's memory and input, you can use the openvasmd command to change the password. Where the execution command is as follows:

Hbgslz@openvas:~$ sudo openvasmd-user=admin-new-password=Hbgslz99

(3) check whether OpenVAS is installed successfully:

Hbgslz@openvas:~$ sudo openvas-check-setup

The appearance of "It seems like your OpenVAS-9 installation is OK." means that the configuration is successful.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.