• Quick Start with OpenVAS
    		•

    | Chapter 4: Looking for Vulnerabilities




    Download 22,59 Mb.
    Pdf ko'rish
    bet124/225
    Sana14.05.2024
    Hajmi22,59 Mb.
    #232856
    1   ...   120   121   122   123   124   125   126   127   ...   225
    Bog'liq
    learningkalilinux

    128 | Chapter 4: Looking for Vulnerabilities

    just like antivirus programs. When you set up OpenVAS, one of the first things that
    happens is that the current collection of vulnerability definitions will be downloaded.
    If you have the system running regularly with the OpenVAS services, your vulnerabil‐
    ities will get updated for you. If you have had OpenVAS down for a time and you
    want to run a scan, it’s worth making sure that all of your signatures are updated. You
    can do this on the command line by using the command 
    greenbone-nvt-sync
    . Open‐
    VAS uses the Security Content Automation Protocol to exchange information
    between your installation and the remote servers where the content is stored.
    OpenVAS uses a web interface, much like a lot of other applications today. To get
    access to the web application, you go to 
    https://localhost:9392
    . When you log in, you
    are presented with a dashboard. This includes graphs related to your own tasks. The
    dashboard also presents information about the vulnerabilities it knows about and
    their severities. In 
    Figure 4-5
    , you can see a web page open to the dashboard. You will
    see the URL is a host on my local network because I’m accessing it remotely from my
    laptop. If you were on the desktop of your Kali system, you would use the preceding
    URL. The OpenVAS team calls their UI the 
    Greenbone Security Assistant
    .
    Figure 4-5. Greenbone Security Assistant
    The menus for accessing features and functions are along the top of the page. From
    there, you can access features related to the scans, assets, and configurations, as well
    as the collection of security information that OpenVAS knows about, with all the vul‐
    nerabilities it is aware of.
    Quick Start with OpenVAS
    While OpenVAS is certainly a dense piece of software, providing a lot of capabilities
    for customization, it does provide a simple way to get started. A scan wizard allows
    you to just provide a target and get started scanning. If you want to get a quick sense
    of common vulnerabilities that may be found on the target, this is a great way to go. A
    simple scan using the wizard will use the defaults, which is a way to get you started

    Download 22,59 Mb.
    1   ...   120   121   122   123   124   125   126   127   ...   225




    Download 22,59 Mb.
    Pdf ko'rish