Greenbone OpenVAS
The Greenbone OpenVAS (Open Vulnerability Assessment System) is an open-source vulnerability scanning and management framework. OpenVAS is introduced to help organizations identify security weaknesses in their networks, systems, and applications by scanning for known vulnerabilities.
Features
- Vulnerability scanning.
OpenVAS framework scans systems for vulnerabilities, missing patches, misconfigurations, and other security related issues.
2. Compliance auditing.
The Greebone OpenVAS performs compliance checks against various standards, such as PCI-DSS, HIPAA, GDPR, and others.
3. Extensive Vulnerability Database
OpenVAS uses a regularly updated databases of over 100,000 vulnerability tests, known as Network Vulnerability Tests (NVTs).
4. Reporting and alerts
The Greenbone OpenVAS framework generates detailed reports on the basis of detected vulnerabilities, their severity, and remediation steps. The reports can be customized as per organization’s requirements and can also be exported in various file formats (e.g., HTML, PDF, etc.).
5. Integration capabilities
OpenVAS can be integrated with other third-party security tools, systems, CI/CD pipelines, and also provides API access to enhance the security posture.
6. Open Source
Greenbone OpenVAS is freely available and high customizable, allows users to tailor the tool to their specific needs.
Components
- OpenVAS Scanner
The OpenVAS Scanner is the core engine that performs the scanning operations. The scanner runs various Network Vulnerability Tests (NVTs) against the targets to detect vulnerabilities.
2. OpenVAS Manager
OpenVAS Manager component manages scan configurations, schedules, and stores the results. The manager orchestrates the scanning process and manages the generated information.
3. Greenbone Security Assistant (GSA)
The Greenbone Security Assistant (GSA) is the web-based interface to interact with OpenVAS. Also provides an intuitive way to configure scans, review results, and generate reports.
4. Greenbone Vulnerability Manager (GVM)
Greenbone Vulnerability Manager component manages the overall vulnerability assessment process, handling the NVTs, user management, and also the report generation.
5. Greenbone Community Feed
The Greenbone Community Feed is a free vulnerability feed provided by Greenbone Networks, which includes thousands of NVTs. This feed is regularly updated to include the latest vulnerabilities and exploits.
Installation
Before installing the Greenbone OpenVAS framework, there are some prerequisite steps to be done.
Let’s start with the repository updation of Kali Linux OS.
sudo apt update
Now we’ll install the latest available packages which are cached from repository retrieving process (previous step).
sudo apt upgrade
The final prerequisite step is to upgrade the Kali Linux OS distribution packages.
sudo apt dist-upgrade
After the successful completion of updating and upgrading the Kali Linux OS, restart the machine.
Now let’s get into the actual installation of Greenbone OpenVAS framework.
sudo apt install openvas*
Once the openvas packages are installed, let’s execute the setup command.
sudo gvm-setup
If the package installations are successful, we’ll be provided a password for the user “admin” as shown below.
The provided password for the user “admin” should be noted.
The next step is to verify the installation of OpenVAS.
sudo gvm-check-setup
The whole OpenVAS framework installation and configuration was successful. Before starting the OpenVAS services, first let’s stop all services which are related to the OpenVAS framework.
sudo gvm-stop
Let’s start the Greenbone OpenVAS services now.
sudo gvm-start
Once the services are started successfully, a web UI link will be given.
http://127.0.0.1:9392
When we visit the above mentioned link in the browser for the first time, due to security reasons we’ll have to click on Advanced and Accept the Risk and Continue.
After the previous step, we’ll be redirected to the login page of Greenbone OpenVAS framework.
Use the username “admin” and the automatically generated password (while executed the command “sudo gvm-setup”) to login.
Once the login is successful, the dashboards section will be displayed.
The installation and the configuration of Greenbone OpenVAS framework has been successfully completed. But the user “admin” is still using the automatically generated password for logging. Let’s change the password using the web interface.
Go to the top right corner of the webpage, click on the user avatar.
Then click on “My Settings”.
Click on the notepad icon (next to the question mark icon, used to navigate to the Greenbone documentation website) shown above the title My Settings.
Input the old password and the new password, then click Save.
Logout and login with the new password.
The Greenbone OpenVAS framework has been installed successfully.
There will be a follow-up blog regarding the vulnerability scanning and other features of Greenbone OpenVAS framework. So stay tuned !!!
