Thursday, February 14, 2013

How to configure OpenVAS

backtrack, backtrack 5, linux, hacking, tutorial, hacking tutorial, ethical hacking, pentest, penetration testing, pc, wpa, wpa2, metasploit, nmap, browser exploit, information gathering, footprinting, vulnerability assessment


OpenVAS is the most advanced open source vulnerability scanner and manager tool. It already comes pre-installed in Backtrack 5. Today i will show you how to configure this wonderful tool.


Here is the location fo OpenVAS:




backtrack, backtrack 5, linux, hacking, tutorial, hacking tutorial, ethical hacking, pentest, penetration testing, pc, wpa, wpa2, metasploit, nmap, browser exploit, information gathering, footprinting, vulnerability assessment




Setting up OpenVAS


1- Adding a user:

Just follow the graphical menu as shown above and click on "adduser" and follow the instructions.


backtrack, backtrack 5, linux, hacking, tutorial, hacking tutorial, ethical hacking, pentest, penetration testing, pc, wpa, wpa2, metasploit, nmap, browser exploit, information gathering, footprinting, vulnerability assessment



backtrack, backtrack 5, linux, hacking, tutorial, hacking tutorial, ethical hacking, pentest, penetration testing, pc, wpa, wpa2, metasploit, nmap, browser exploit, information gathering, footprinting, vulnerability assessment


Easy configuration as you see :-)

2- Making the certificate:  From the same menu click on  Openvas mkcert and follow instructions.



backtrack, backtrack 5, linux, hacking, tutorial, hacking tutorial, ethical hacking, pentest, penetration testing, pc, wpa, wpa2, metasploit, nmap, browser exploit, information gathering, footprinting, vulnerability assessment



3- Syncing the NVT's: In this step we are going to update the OpenVAS repository to get the latest tools and plugins used to identify vulnerabilities. If you want to be up to date, do this regularly. 
So select OpenVAS NVT Sync from the menu:



backtrack, backtrack 5, linux, hacking, tutorial, hacking tutorial, ethical hacking, pentest, penetration testing, pc, wpa, wpa2, metasploit, nmap, browser exploit, information gathering, footprinting, vulnerability assessment




4- Starting the scanner: Again, from the same graphical menu, click on "start OpenVAS scanner"



backtrack, backtrack 5, linux, hacking, tutorial, hacking tutorial, ethical hacking, pentest, penetration testing, pc, wpa, wpa2, metasploit, nmap, browser exploit, information gathering, footprinting, vulnerability assessment



5- Setup OpenVAS manager: We need here to generate a certificate for OpenVAS manager by running the following command:


root@shinobi:~# openvas-mkcert-client -n om -i




backtrack, backtrack 5, linux, hacking, tutorial, hacking tutorial, ethical hacking, pentest, penetration testing, pc, wpa, wpa2, metasploit, nmap, browser exploit, information gathering, footprinting, vulnerability assessment







Now we need to rebuild the database and you should do this each time you update the NVT's. This is done with a simple command:


root@shinobi:~# openvasmd --rebuild



6- Setup OpenVAS Administrator:


We need to create an administrative user that we will be using to perform all of our vulnerability assesments. This is done by running the following command:


root@shinobi:~# openvasad -c 'add_user' -n openvasadmin -r Admin




backtrack, backtrack 5, linux, hacking, tutorial, hacking tutorial, ethical hacking, pentest, penetration testing, pc, wpa, wpa2, metasploit, nmap, browser exploit, information gathering, footprinting, vulnerability assessment




Note that you can replace "openvasadmin" by any other username of your choice.







Now we need to start Openvas Administrator.
This also runs as a daemon in the background. As I am running everything from my local machine I will be using localhost to listen on and in this case the default port. This is done by running the following command.

root@shinobi:~#openvasad -a 127.0.0.1 -p 9393

Starting Greenbone Security Assistant:


Now we need to start Greenbone security Assistant
This again runs as a daemon in the background. As I am running everything from my local machine I will be using localhost to listen on and in this case the default port. This is done by running the following command.

root@shinobi:~# gsad --http-only --listen=127.0.0.1 -p 9392


At this point your installation is essentially complete, but as we have got this far we may as well continue to make sure everything is working as expected.

We need now to start an application to enable you to communicate with the scanner and other daemons.
The first of these choices is greenbone security desktop.
Start this from the menu item and fill in the credentials and details we created earlier, then click the login button.



backtrack, backtrack 5, linux, hacking, tutorial, hacking tutorial, ethical hacking, pentest, penetration testing, pc, wpa, wpa2, metasploit, nmap, browser exploit, information gathering, footprinting, vulnerability assessment





0 commentaires: