References :
https://www.greenbone.net/en/vulnerability-management/
https://www.slideshare.net/ChandrakTrivedi/openvas-vulnerability-assessment-scanner
- Prevention is better than the cure in every way, this is how information security engineer should think or cure will be nothing worth than firefighting.
- Vulnerability is weakness point or gap in a security program that can be exploited by threats to gain unauthorized access to an asset. We all know that networks are vulnerable but we don’t all know where and how that’s vulnerability comes.
- Vulnerability Assessment (VA) is the process of identifying, quantifying, and prioritizing (or ranking) the potential risks, threats and vulnerabilities in a system making (to-do) check list and develop strategies to deal with them.
- We need to know our systems' weak points to harden them and protect our sensitive information from theft and attacks.
- We all hear about high-skilled hacks that cause loos of sensitive data that happen everyday everywhere, this is why we need to look at our system from outside as an attacker would.
- Servers may be secured, firewalls may be locked on tight polices but what about attached devices, printers, scanners, and fax machines.
- Default configurations are your enemy.
- The aim is to locate any vulnerability that might exist in your IT infrastructure. VA highlight all this is seconds.
- IT security is a process and vulnerability management provides the foundation of this process.
- Once you know where the chinks are in your armor, you can do something about them.
- The process from recognition to remedy and monitoring represents a continuous cycle. You’ll always be one step ahead of attackers.
- You can focus your hot spots, thus increasing the efficiency of antivirus systems, firewalls & Co.
- Any IT system is at risk of attack by skilled hackers.
- Typical causes of vulnerability are improper configuration or programming errors, unauthorized installations or violations of security measures.
- Greenbone Security Manager uncovers these and countless other risks and helps you set priorities.
- See the video at this link: https://www.greenbone.net/wp-content/uploads/Reduce_Attack_Surface_With_VM_v2.mp4
- OpenVAS framework is part of Greenbone Networks' commercial vulnerability management solution from which developments are contributed to the Open Source community since 2009.
- VA and Pen Testing are both deal with finding and fixing security holes but they are not the same thing. VA find vulnerabilities and can rate how dangerous they are, then offer a written report, but pen testing will actually try to exploit the system.
9. OpenVAS OVERVIEW
• Framework of services and tools offering powerful tests on clients
using DB of known exploits and weaknesses.
• How well your clients are guarded against known attacks ??
• OpenVAS is used as
VULNERALABILIT ASSESSMENT tool
and can be used as
PENETRATION TESTING tool.
10. OpenVAS
BENEFITS
• The world's most advanced
open source vulnerability
scanner and manager.
• Compatible with different
Operating System.
• Keeps a history of past scans.
LIMITATIONS
• False negatives may be
reported.
• Find less vulnerabilities as
compared with Nessus.
• Requires 2-3 services to
perform VA.
13. Clients Components
• OpenVAS CLI:
Set of tools that allow
administration through shell.
• Greenbone SecurityAssistant (GSA):
Web-based tool with interface for
variousVA services.
14. Services Components
• OpenVAS Scanner:
Allows us the scan of hostname/ip,
port range or entire networks.
• OpenVAS Manager:
Receives task from Administrator
then use the Scanner to perform VA.
Also processes the results of the scans,
so it generates the final report.
15. Data Components
• NVT’s (Network Vulnerability Tests):
The containers of feed, i.e. test
cases that detect the vulnerabilities,
which are currently over 50,000.
• Results, Configs:
The DB (PostgreSQL) where reports
are collected and where the entire
configuration is stored.
19. CONDUCTING VA USING OpenVAS
Step 1: Installing and Connecting to the OpenVAS.
Step 2: Tabs (Administration Tab, Configuration Tab, SecInfo
Management Tab, and Scan Management Tab).
Step 3: Scanning (New Target, New Task, and Start Scanning).
Step 4: Export report of VA conducted.
20. Step 1: Installing OpenVAS 7 on CentOS 7
• The OpenVAS binary packages aren’t included with the stock repositories.
So, we need to enable the Atomicorp repository.
• First, we need to install a few prerequisites. To do that, run this command.
• Now, we will install OpenVAS 7.
21. Step 1: Connecting to the OpenVAS Web Interface
• Point your browser to
https://localhost:9392.
• Enter the credentials for the admin
user.
• The admin password was generated
during the setup phase.
22.
23. Step 2: Tabs
Explanation of Administration Tab.
• Adding Users, Groups and Roles.
• Updating NVT, SCAP and CERT Feeds.
43. Step 3: Scanning
Explanation for Scanning a Target to find Vulnerabilities.
Procedures:
I. New Target (Creating Target).
II. New Task (Creating Task).
III. Start Scanning.
54. Step 4: Export report of VA conducted
Explanation on Exporting the scanned target vulnerabilities into
file.
Different extension are possible to export like .pdf, .xml etc.
• PDF will be used to submit to your higher management.
• XML can be used to import in Metasploit for doing penetration
testing.
Also you can study by just clicking the vulnerability.