未加星标

OpenVAS - Vulnerability Assessment install on Kali Linux

字体大小 | |
[系统(linux) 所属分类 系统(linux) | 发布者 店小二04 | 时间 2017 | 作者 红领巾 ] 0人收藏点击收藏

This tutorial documents the process of installing OpenVAS 8.0 on Kali linux rolling. OpenVAS is open source vulnerability assessment application that automates the process of performing network security audits and vulnerability assessments. Note, a vulnerability assessment also known as VA is not a penetration test, a penetration test goes a step further and validates the existence of a discovered vulnerability, see what is penetration testing for an overview of what pen testing consists of and the different types of security testing.

What is Kali Linux?

Kali Linux is a Linux penetration testing distribution. It's Debian based and comes pre-installed with many commonly used penetration testing tools such as Metasploit Framework and other command line tools typically used by penetration testers during a security assessment.

For most use cases Kali runs in a VM, you can grab the latest VMWare or Vbox image of Kali from here: https://www.offensive-security.com/kali-linux-vmware-virtualbox-image-download/

Download the full version not Kali light, unless you have a specific reason for wanting a smaller virtual machine footprint. After the download finishes you will need to extract the contents and open the vbox or VMWare .vmx file, when the machine boots the default credentials are root / toor. Change the root password to a secure password.

Alternatively, you can download the ISO version and perform an installation of Kali on the bare metal.

Updating Kali Linux

After installation, perform a full update of Kali Linux.

Updating Kali:

apt-get update && apt-get dist-upgrade -y


OpenVAS - Vulnerability Assessment install on Kali Linux

The update process might take some time to complete. Kali is now a rolling release meaning you can update to the current version from any version of Kali rolling. However, there are release numbers but these are point in time versions of Kali rolling for VMWare snapshots. You can update to the current stable release from any of the VMWare images.

After updating perform a reboot.

Installing OpenVAS 8
OpenVAS - Vulnerability Assessment install on Kali Linux

apt-get install openvas

openvas-setup

During installation you'll be prompted about redis, select the default option to run as a UNIX socket.


OpenVAS - Vulnerability Assessment install on Kali Linux

Even on a fast connection openvas-setup takes a long time to download and update all the required CVE, SCAP definitions.


OpenVAS - Vulnerability Assessment install on Kali Linux

Pay attention to the command output during openvas-setup, the password is generated during installation and printed to console near the end of the setup.


OpenVAS - Vulnerability Assessment install on Kali Linux

Verify openvas is running:

netstat -tulpn


OpenVAS - Vulnerability Assessment install on Kali Linux
Start OpenVAS on Kali

To start the OpenVAS service on Kali run:

openvas-start

After installation, you should be able to access the OpenVAS web application at https://127.0.0.1:9392


OpenVAS - Vulnerability Assessment install on Kali Linux

Accept the self-signed certificate and login to the application using the credentials admin and the password displayed during openvas-setup.


OpenVAS - Vulnerability Assessment install on Kali Linux

After accepting the self-signed certificate, you should be presented with the login screen:


OpenVAS - Vulnerability Assessment install on Kali Linux

After logging in you should be presented with the following screen:


OpenVAS - Vulnerability Assessment install on Kali Linux

From this point you should be able to configure your own vulnerability scans using the wizard.

It's recommended to read the documentation. Be aware of what a vulnerability assessment conductions (depending on configuration OpenVAS could attempt exploitation) and the traffic it will generate on a network as well as the DOS effect it can have on services / servers and hosts / devices on a network.

本文系统(linux)相关术语:linux系统 鸟哥的linux私房菜 linux命令大全 linux操作系统

主题: LinuxDebian
分页:12
转载请注明
本文标题:OpenVAS - Vulnerability Assessment install on Kali Linux
本站链接:http://www.codesec.net/view/530429.html
分享请点击:


1.凡CodeSecTeam转载的文章,均出自其它媒体或其他官网介绍,目的在于传递更多的信息,并不代表本站赞同其观点和其真实性负责;
2.转载的文章仅代表原创作者观点,与本站无关。其原创性以及文中陈述文字和内容未经本站证实,本站对该文以及其中全部或者部分内容、文字的真实性、完整性、及时性,不作出任何保证或承若;
3.如本站转载稿涉及版权等问题,请作者及时联系本站,我们会及时处理。
登录后可拥有收藏文章、关注作者等权限...
技术大类 技术大类 | 系统(linux) | 评论(0) | 阅读(27)