openvas: vulnerability assessment scanner
TRANSCRIPT
![Page 1: OpenVAS: Vulnerability Assessment Scanner](https://reader034.vdocument.in/reader034/viewer/2022042423/58724d9c1a28ab852f8b6429/html5/thumbnails/1.jpg)
OpenVAS_Group4_Chandrak-Melbin 1
OPENVAS: VULNERABILITY
ASSESSMENT SCANNER By
Chandrak Trivedi_101015275Melbin Sunny_101013552
![Page 2: OpenVAS: Vulnerability Assessment Scanner](https://reader034.vdocument.in/reader034/viewer/2022042423/58724d9c1a28ab852f8b6429/html5/thumbnails/2.jpg)
OpenVAS_Group4_Chandrak-Melbin 2
Learning Objective•Understand the importance of Vulnerability Assessment (VA).
•Explain how OpenVAS is used for VA.•Understand the logical architecture of OpenVAS framework.
•Conduct VA using OpenVAS.•Evaluate the purpose and value of OpenVAS report.•Determine how to mitigate vulnerabilities.
![Page 3: OpenVAS: Vulnerability Assessment Scanner](https://reader034.vdocument.in/reader034/viewer/2022042423/58724d9c1a28ab852f8b6429/html5/thumbnails/3.jpg)
OpenVAS_Group4_Chandrak-Melbin 3
Vulnerability Assessment (VA)•What is Vulnerability Assessment (VA)?
•Why we need Vulnerability Assessment (VA)?
•RISK = ASSET * THREAT * VULNERABILITY
![Page 4: OpenVAS: Vulnerability Assessment Scanner](https://reader034.vdocument.in/reader034/viewer/2022042423/58724d9c1a28ab852f8b6429/html5/thumbnails/4.jpg)
OpenVAS_Group4_Chandrak-Melbin 4
![Page 5: OpenVAS: Vulnerability Assessment Scanner](https://reader034.vdocument.in/reader034/viewer/2022042423/58724d9c1a28ab852f8b6429/html5/thumbnails/5.jpg)
OpenVAS_Group4_Chandrak-Melbin 5
OpenVASBenefits
•Open Source and uses Nessus V2 as its plugin engine.
•Compatible with different Operating System.
•Keeps a history of past scans.
Limitations•False negatives may be reported.
•Determine/find less vulnerabilities as compared is Nexpose or Nessus.
•Requires 2-3 services to perform vulnerability assessment.
![Page 6: OpenVAS: Vulnerability Assessment Scanner](https://reader034.vdocument.in/reader034/viewer/2022042423/58724d9c1a28ab852f8b6429/html5/thumbnails/6.jpg)
OpenVAS_Group4_Chandrak-Melbin 6
An overview of OpenVASThe Open Vulnerability Assessment Scanner known more commonly as OpenVAS, is a suite of tools that work together to run tests against client computers using a database of known exploits and weaknesses. The goal is to learn about how well your servers are guarded against known attack vectorsOpenVAS is be used as VULNERALABILITY ASSESSMENT tool and but also can be used as PENETRATION TESTING tool.
![Page 7: OpenVAS: Vulnerability Assessment Scanner](https://reader034.vdocument.in/reader034/viewer/2022042423/58724d9c1a28ab852f8b6429/html5/thumbnails/7.jpg)
OpenVAS_Group4_Chandrak-Melbin 7
OpenVAS Architecture Clients
Services
Data
![Page 8: OpenVAS: Vulnerability Assessment Scanner](https://reader034.vdocument.in/reader034/viewer/2022042423/58724d9c1a28ab852f8b6429/html5/thumbnails/8.jpg)
OpenVAS_Group4_Chandrak-Melbin 8
Clients Components •OpenVAS CLI: is a set of tools that allow administration of OpenVAS through the shell.
•Greenbone Security Assistant: is a web-based tool with an intuitive interface for various VA that you are making.
•Greenbone Desktop Security: is the tool that allows us to manage everything through the GUI interface on the desktop.
![Page 9: OpenVAS: Vulnerability Assessment Scanner](https://reader034.vdocument.in/reader034/viewer/2022042423/58724d9c1a28ab852f8b6429/html5/thumbnails/9.jpg)
OpenVAS_Group4_Chandrak-Melbin 9
Services Components•OpenVAS Scanner: is the component that allows us the scan of hostname/ip, port range “from-to” or entire networks such as “192.168.1.0/28”.
•OpenVAS Manager: is the heart of OpenVAS, the manager receives task/information from the OpenVAS Administrator and the various administration tools CLI/WEB/GUI, then use the OpenVAS Scanner that will perform the Vulnerability Assessment. Also includes component that processes the results of the scans, so it also generates the final report.
•OpenVAS Administrator: is the component through which users can manage and the feed (i.e. the updates).
![Page 10: OpenVAS: Vulnerability Assessment Scanner](https://reader034.vdocument.in/reader034/viewer/2022042423/58724d9c1a28ab852f8b6429/html5/thumbnails/10.jpg)
OpenVAS_Group4_Chandrak-Melbin 10
Data Components•NVT’s: it is the container of feed, i.e. test cases that detect the vulnerabilities, which are currently over 20,000.
•Results, config: is the database (PostgreSQL) where reports are collected and where the entire configuration of OpenVAS is stored.
![Page 11: OpenVAS: Vulnerability Assessment Scanner](https://reader034.vdocument.in/reader034/viewer/2022042423/58724d9c1a28ab852f8b6429/html5/thumbnails/11.jpg)
OpenVAS_Group4_Chandrak-Melbin 11
OpenVAS Feeds
![Page 12: OpenVAS: Vulnerability Assessment Scanner](https://reader034.vdocument.in/reader034/viewer/2022042423/58724d9c1a28ab852f8b6429/html5/thumbnails/12.jpg)
OpenVAS_Group4_Chandrak-Melbin 12
Conducting VA using OpenVAS
![Page 13: OpenVAS: Vulnerability Assessment Scanner](https://reader034.vdocument.in/reader034/viewer/2022042423/58724d9c1a28ab852f8b6429/html5/thumbnails/13.jpg)
OpenVAS_Group4_Chandrak-Melbin 13
Step 1: Setting up Kali for Vulnerability Scanning
https://www.kali.org/penetration-testing/openvas-vulnerability-scanning/
![Page 14: OpenVAS: Vulnerability Assessment Scanner](https://reader034.vdocument.in/reader034/viewer/2022042423/58724d9c1a28ab852f8b6429/html5/thumbnails/14.jpg)
OpenVAS_Group4_Chandrak-Melbin 14
Step 1: Starting the OpenVAS services
• Once openvas-setup completes its process, the OpenVAS manager, scanner, and GSAD services should be listening:
• If you have already configured OpenVAS, you can simply start all the necessary services by running openvas-start.
![Page 15: OpenVAS: Vulnerability Assessment Scanner](https://reader034.vdocument.in/reader034/viewer/2022042423/58724d9c1a28ab852f8b6429/html5/thumbnails/15.jpg)
OpenVAS_Group4_Chandrak-Melbin 15
Step 1: Connecting to the OpenVAS Web Interface• Point your browser to https://127.0.0.1:9392, accept the self signed SSL certificate and plugin the credentials for the admin user. The admin password was generated during the setup phase.
![Page 16: OpenVAS: Vulnerability Assessment Scanner](https://reader034.vdocument.in/reader034/viewer/2022042423/58724d9c1a28ab852f8b6429/html5/thumbnails/16.jpg)
OpenVAS_Group4_Chandrak-Melbin 16
![Page 17: OpenVAS: Vulnerability Assessment Scanner](https://reader034.vdocument.in/reader034/viewer/2022042423/58724d9c1a28ab852f8b6429/html5/thumbnails/17.jpg)
OpenVAS_Group4_Chandrak-Melbin 17
Step 2: Tabs•Explanation of Administration Tab -
•Adding Users, Groups and Roles.
•Updating Network Vulnerability Tests (NVTs), Security Content Automation Protocol (SCAP) and Computer Emergency Response Team (CERT) Feeds.
![Page 18: OpenVAS: Vulnerability Assessment Scanner](https://reader034.vdocument.in/reader034/viewer/2022042423/58724d9c1a28ab852f8b6429/html5/thumbnails/18.jpg)
OpenVAS_Group4_Chandrak-Melbin 18
Administration tab
![Page 19: OpenVAS: Vulnerability Assessment Scanner](https://reader034.vdocument.in/reader034/viewer/2022042423/58724d9c1a28ab852f8b6429/html5/thumbnails/19.jpg)
OpenVAS_Group4_Chandrak-Melbin 19
Add New Users
![Page 20: OpenVAS: Vulnerability Assessment Scanner](https://reader034.vdocument.in/reader034/viewer/2022042423/58724d9c1a28ab852f8b6429/html5/thumbnails/20.jpg)
OpenVAS_Group4_Chandrak-Melbin 20
New User details
![Page 21: OpenVAS: Vulnerability Assessment Scanner](https://reader034.vdocument.in/reader034/viewer/2022042423/58724d9c1a28ab852f8b6429/html5/thumbnails/21.jpg)
OpenVAS_Group4_Chandrak-Melbin 21
NVT Feed
![Page 22: OpenVAS: Vulnerability Assessment Scanner](https://reader034.vdocument.in/reader034/viewer/2022042423/58724d9c1a28ab852f8b6429/html5/thumbnails/22.jpg)
OpenVAS_Group4_Chandrak-Melbin 22
Step 2: Tabs•Explanation of Configuration tab -
•Targets, Port lists and Credentials
•Scan Config
•Alerts and Schedules
•Permissions
![Page 23: OpenVAS: Vulnerability Assessment Scanner](https://reader034.vdocument.in/reader034/viewer/2022042423/58724d9c1a28ab852f8b6429/html5/thumbnails/23.jpg)
OpenVAS_Group4_Chandrak-Melbin 23
Configuration tab
![Page 24: OpenVAS: Vulnerability Assessment Scanner](https://reader034.vdocument.in/reader034/viewer/2022042423/58724d9c1a28ab852f8b6429/html5/thumbnails/24.jpg)
OpenVAS_Group4_Chandrak-Melbin 24
Targets
![Page 25: OpenVAS: Vulnerability Assessment Scanner](https://reader034.vdocument.in/reader034/viewer/2022042423/58724d9c1a28ab852f8b6429/html5/thumbnails/25.jpg)
OpenVAS_Group4_Chandrak-Melbin 25
Port List
![Page 26: OpenVAS: Vulnerability Assessment Scanner](https://reader034.vdocument.in/reader034/viewer/2022042423/58724d9c1a28ab852f8b6429/html5/thumbnails/26.jpg)
OpenVAS_Group4_Chandrak-Melbin 26
Scan Configuration
![Page 27: OpenVAS: Vulnerability Assessment Scanner](https://reader034.vdocument.in/reader034/viewer/2022042423/58724d9c1a28ab852f8b6429/html5/thumbnails/27.jpg)
OpenVAS_Group4_Chandrak-Melbin 27
Permissions
![Page 28: OpenVAS: Vulnerability Assessment Scanner](https://reader034.vdocument.in/reader034/viewer/2022042423/58724d9c1a28ab852f8b6429/html5/thumbnails/28.jpg)
OpenVAS_Group4_Chandrak-Melbin 28
Step 2: Tabs•Explanation of SecInfo Management tab -
•SecInfo Dashboard
•Network Vulnerability tests (NVTs)
•Common Vulnerabilities and Exposures (CVEs)
![Page 29: OpenVAS: Vulnerability Assessment Scanner](https://reader034.vdocument.in/reader034/viewer/2022042423/58724d9c1a28ab852f8b6429/html5/thumbnails/29.jpg)
OpenVAS_Group4_Chandrak-Melbin 29
SecInfo Management
![Page 30: OpenVAS: Vulnerability Assessment Scanner](https://reader034.vdocument.in/reader034/viewer/2022042423/58724d9c1a28ab852f8b6429/html5/thumbnails/30.jpg)
OpenVAS_Group4_Chandrak-Melbin 30
SecInfo Dashboard
![Page 31: OpenVAS: Vulnerability Assessment Scanner](https://reader034.vdocument.in/reader034/viewer/2022042423/58724d9c1a28ab852f8b6429/html5/thumbnails/31.jpg)
OpenVAS_Group4_Chandrak-Melbin 31
NVTs – Network Vulnerability test
![Page 32: OpenVAS: Vulnerability Assessment Scanner](https://reader034.vdocument.in/reader034/viewer/2022042423/58724d9c1a28ab852f8b6429/html5/thumbnails/32.jpg)
OpenVAS_Group4_Chandrak-Melbin 32
CVEs – Common Vulnerabilities and Exposure
![Page 33: OpenVAS: Vulnerability Assessment Scanner](https://reader034.vdocument.in/reader034/viewer/2022042423/58724d9c1a28ab852f8b6429/html5/thumbnails/33.jpg)
OpenVAS_Group4_Chandrak-Melbin 33
Step 2: Tabs•Explanation of Scan Management -
•Tasks
•Reports
•Results
![Page 34: OpenVAS: Vulnerability Assessment Scanner](https://reader034.vdocument.in/reader034/viewer/2022042423/58724d9c1a28ab852f8b6429/html5/thumbnails/34.jpg)
OpenVAS_Group4_Chandrak-Melbin 34
Scan Management tab
![Page 35: OpenVAS: Vulnerability Assessment Scanner](https://reader034.vdocument.in/reader034/viewer/2022042423/58724d9c1a28ab852f8b6429/html5/thumbnails/35.jpg)
OpenVAS_Group4_Chandrak-Melbin 35
New Tasks
![Page 36: OpenVAS: Vulnerability Assessment Scanner](https://reader034.vdocument.in/reader034/viewer/2022042423/58724d9c1a28ab852f8b6429/html5/thumbnails/36.jpg)
OpenVAS_Group4_Chandrak-Melbin 36
Reports
![Page 37: OpenVAS: Vulnerability Assessment Scanner](https://reader034.vdocument.in/reader034/viewer/2022042423/58724d9c1a28ab852f8b6429/html5/thumbnails/37.jpg)
OpenVAS_Group4_Chandrak-Melbin 37
Results
![Page 38: OpenVAS: Vulnerability Assessment Scanner](https://reader034.vdocument.in/reader034/viewer/2022042423/58724d9c1a28ab852f8b6429/html5/thumbnails/38.jpg)
OpenVAS_Group4_Chandrak-Melbin 38
Step 3: Scanning•Explanation for Scanning a Target to find Vulnerabilities.
•Procedures•I: New Target (Creating Target)•II: New Task (Creating Task)•III: Scanning
![Page 39: OpenVAS: Vulnerability Assessment Scanner](https://reader034.vdocument.in/reader034/viewer/2022042423/58724d9c1a28ab852f8b6429/html5/thumbnails/39.jpg)
OpenVAS_Group4_Chandrak-Melbin 39
I. New Target
![Page 40: OpenVAS: Vulnerability Assessment Scanner](https://reader034.vdocument.in/reader034/viewer/2022042423/58724d9c1a28ab852f8b6429/html5/thumbnails/40.jpg)
OpenVAS_Group4_Chandrak-Melbin 40
Port List Options
![Page 41: OpenVAS: Vulnerability Assessment Scanner](https://reader034.vdocument.in/reader034/viewer/2022042423/58724d9c1a28ab852f8b6429/html5/thumbnails/41.jpg)
OpenVAS_Group4_Chandrak-Melbin 41
Target Added
![Page 42: OpenVAS: Vulnerability Assessment Scanner](https://reader034.vdocument.in/reader034/viewer/2022042423/58724d9c1a28ab852f8b6429/html5/thumbnails/42.jpg)
OpenVAS_Group4_Chandrak-Melbin 42
II. New Task
![Page 43: OpenVAS: Vulnerability Assessment Scanner](https://reader034.vdocument.in/reader034/viewer/2022042423/58724d9c1a28ab852f8b6429/html5/thumbnails/43.jpg)
OpenVAS_Group4_Chandrak-Melbin 43
Scan Config Options
![Page 44: OpenVAS: Vulnerability Assessment Scanner](https://reader034.vdocument.in/reader034/viewer/2022042423/58724d9c1a28ab852f8b6429/html5/thumbnails/44.jpg)
OpenVAS_Group4_Chandrak-Melbin 44
Task Created
![Page 45: OpenVAS: Vulnerability Assessment Scanner](https://reader034.vdocument.in/reader034/viewer/2022042423/58724d9c1a28ab852f8b6429/html5/thumbnails/45.jpg)
OpenVAS_Group4_Chandrak-Melbin 45
III. Start Scanning
![Page 46: OpenVAS: Vulnerability Assessment Scanner](https://reader034.vdocument.in/reader034/viewer/2022042423/58724d9c1a28ab852f8b6429/html5/thumbnails/46.jpg)
OpenVAS_Group4_Chandrak-Melbin 46
Total Task List
![Page 47: OpenVAS: Vulnerability Assessment Scanner](https://reader034.vdocument.in/reader034/viewer/2022042423/58724d9c1a28ab852f8b6429/html5/thumbnails/47.jpg)
OpenVAS_Group4_Chandrak-Melbin 47
Scanned Target Summary Report
![Page 48: OpenVAS: Vulnerability Assessment Scanner](https://reader034.vdocument.in/reader034/viewer/2022042423/58724d9c1a28ab852f8b6429/html5/thumbnails/48.jpg)
OpenVAS_Group4_Chandrak-Melbin 48
Results of Target
![Page 49: OpenVAS: Vulnerability Assessment Scanner](https://reader034.vdocument.in/reader034/viewer/2022042423/58724d9c1a28ab852f8b6429/html5/thumbnails/49.jpg)
OpenVAS_Group4_Chandrak-Melbin 49
Step 4: Export report of VA conducted•Explanation on Exporting the scanned target vulnerabilities into file.
•Different extension are possible to export like .pdf, .xml etc.•PDF will be used to submit to your higher management.•XML can be used to import in Metasploit for doing pen testing.
•Also you can study by just clicking the vulnerability.
![Page 50: OpenVAS: Vulnerability Assessment Scanner](https://reader034.vdocument.in/reader034/viewer/2022042423/58724d9c1a28ab852f8b6429/html5/thumbnails/50.jpg)
OpenVAS_Group4_Chandrak-Melbin 50
Studying Vulnerability
![Page 51: OpenVAS: Vulnerability Assessment Scanner](https://reader034.vdocument.in/reader034/viewer/2022042423/58724d9c1a28ab852f8b6429/html5/thumbnails/51.jpg)
OpenVAS_Group4_Chandrak-Melbin 51
Exporting as file
![Page 52: OpenVAS: Vulnerability Assessment Scanner](https://reader034.vdocument.in/reader034/viewer/2022042423/58724d9c1a28ab852f8b6429/html5/thumbnails/52.jpg)
OpenVAS_Group4_Chandrak-Melbin 52
PDF file
![Page 53: OpenVAS: Vulnerability Assessment Scanner](https://reader034.vdocument.in/reader034/viewer/2022042423/58724d9c1a28ab852f8b6429/html5/thumbnails/53.jpg)
OpenVAS_Group4_Chandrak-Melbin 53
Exploitation on Vulnerable System•Using NVTs, CVEs and Metasploit
•Video on Denial of Service (DOS) on scanned results.
![Page 54: OpenVAS: Vulnerability Assessment Scanner](https://reader034.vdocument.in/reader034/viewer/2022042423/58724d9c1a28ab852f8b6429/html5/thumbnails/54.jpg)
OpenVAS_Group4_Chandrak-Melbin 54
Windows XP – No Firewall and Updates
![Page 55: OpenVAS: Vulnerability Assessment Scanner](https://reader034.vdocument.in/reader034/viewer/2022042423/58724d9c1a28ab852f8b6429/html5/thumbnails/55.jpg)
OpenVAS_Group4_Chandrak-Melbin 55
Windows XP - No Firewall and Updates
![Page 56: OpenVAS: Vulnerability Assessment Scanner](https://reader034.vdocument.in/reader034/viewer/2022042423/58724d9c1a28ab852f8b6429/html5/thumbnails/56.jpg)
OpenVAS_Group4_Chandrak-Melbin 56
VA
![Page 57: OpenVAS: Vulnerability Assessment Scanner](https://reader034.vdocument.in/reader034/viewer/2022042423/58724d9c1a28ab852f8b6429/html5/thumbnails/57.jpg)
OpenVAS_Group4_Chandrak-Melbin 57
Metasploit
![Page 58: OpenVAS: Vulnerability Assessment Scanner](https://reader034.vdocument.in/reader034/viewer/2022042423/58724d9c1a28ab852f8b6429/html5/thumbnails/58.jpg)
OpenVAS_Group4_Chandrak-Melbin 58
Metasploit
![Page 59: OpenVAS: Vulnerability Assessment Scanner](https://reader034.vdocument.in/reader034/viewer/2022042423/58724d9c1a28ab852f8b6429/html5/thumbnails/59.jpg)
OpenVAS_Group4_Chandrak-Melbin 59
![Page 60: OpenVAS: Vulnerability Assessment Scanner](https://reader034.vdocument.in/reader034/viewer/2022042423/58724d9c1a28ab852f8b6429/html5/thumbnails/60.jpg)
OpenVAS_Group4_Chandrak-Melbin 60
Step 5: Mitigation• As per references provided by OpenVAS,
• Patching the updates and Firewall protected.
![Page 61: OpenVAS: Vulnerability Assessment Scanner](https://reader034.vdocument.in/reader034/viewer/2022042423/58724d9c1a28ab852f8b6429/html5/thumbnails/61.jpg)
OpenVAS_Group4_Chandrak-Melbin 61
Windows XP – Firewall and Auto Updates
![Page 62: OpenVAS: Vulnerability Assessment Scanner](https://reader034.vdocument.in/reader034/viewer/2022042423/58724d9c1a28ab852f8b6429/html5/thumbnails/62.jpg)
OpenVAS_Group4_Chandrak-Melbin 62
VA
![Page 63: OpenVAS: Vulnerability Assessment Scanner](https://reader034.vdocument.in/reader034/viewer/2022042423/58724d9c1a28ab852f8b6429/html5/thumbnails/63.jpg)
OpenVAS_Group4_Chandrak-Melbin 63
Metasploit
![Page 64: OpenVAS: Vulnerability Assessment Scanner](https://reader034.vdocument.in/reader034/viewer/2022042423/58724d9c1a28ab852f8b6429/html5/thumbnails/64.jpg)
OpenVAS_Group4_Chandrak-Melbin 64
Question ???