+4 votes
643 views
How to check vulnerabilities with OpenVAS in Kali Linux

in Security by (551k points)
reopened | 643 views

1 Answer

+5 votes
Best answer

1. How to install OpenVAS on Kali Linux

There are certain operating systems that have been developed for specific tasks outside the traditional, that is, they do not have the approach of Windows 10, macOS High Sierra or Ubuntu 17 , since these systems are designed for testing environments. One of these environments is security, which allows a developer to know in detail what vulnerabilities your product may have and thus apply the necessary corrections..

In this security environment, we have an ideal system such as Kali Linux which is a Debian-based Linux distribution, well known to all, whose purpose is to perform advanced security penetration and audit tests.

Kali includes hundreds of tools that have been focused on carrying out information security tasks , such as penetration testing, security investigation, computer forensics and reverse engineering. The Kali Linux system is developed and funded by Offensive Security, which is one of the most recognized organizations in information security training and guarantees integrity and reliability..

Kali Linux is available for download at the following link:

Kali Linux

On this occasion, TechnoWikis will analyze how to install OpenVAS on Kali Linux and thus add another vulnerability and threat analysis tool.

What is OpenVAS?
OpenVAS has been created as a framework that involves a set of services and tools with the purpose of offering a comprehensive and comprehensive solution at the level of vulnerability exploration and management in multiple operating systems.

This application is included in the Greenbone Networks business vulnerability management solution. The real OpenVAS security scanner frequently runs network vulnerability tests (NVT) on more than 45,000 devices.

OpenVAS is free as it is under the GNU General Public License (GNU GPL). At the architecture level, OpenVAS effectively executes Network Vulnerability Testing (NVT) with a structure similar to this:

image

OpenVAS Manager is the central service that allows the consolidation of vulnerability scanning by offering a complete solution at the vulnerability management level. This Manager is responsible for controlling the scanner using OTP (OpenVAS Transfer Protocol) and offers the XML-based OpenVAS Management Protocol (OMP)..

At the level of OpenVAS features we have the following by categories:

OpenVAS scanner
  • Ability to scan multiple destination hosts simultaneously
  • It has OpenVAS Transfer Protocol (OTP)
  • Supports SSL for OTP
  • WMI support
OpenVAS Administrator
  • OpenVAS Management Protocol (OMP)
  • SQL database (sqlite) for settings and scan results
  • SSL support for OMP
  • You can run multiple frequent scan tasks
  • Note management for scan results
  • False positive management to get scan results
  • Scheduled scans
  • It is possible to stop, pause and resume scanning tasks
  • It includes the Master-Slave mode which allows to control many instances from a single central
  • It includes Reports Format Plugin Framework with several add-ons for: XML, HTML, LateX and many more
  • User Management
Greenbone Security Assistant (GSA)
  • It has a client for OMP and OAP
  • Supports HTTP and HTTPS
  • It has a web server in itself (microhttpd), which will not require an additional web server
  • Integrated online help system
  • Multilingual support

1. How to install OpenVAS on Kali Linux


Next, we will see the process of installing OpenVAS on Kali Linux.
Upgrade system

First of all, it will be necessary to update all the system packages, for this we will execute the following line:

 apt-get update && apt-get dist-upgrade -y 
Note
If we wish we can execute them separately.
image

This process can take between 8 to 10 minutes.

OpenVAS installation

Once the system is updated, the next step is to proceed with the installation of OpenVAS, for this we must execute the following command:
 apt-get install openvas 
image

There we must enter the letter S to confirm the download and installation and then we will see the following message:

image

There we will also enter the letter S to confirm the installation of those packages. During the installation process we will see the following message:

image

There we can confirm or not that the affected services are automatically restarted or not. In this way you only have to wait about 10 minutes for the process to conclude.

Important note
In some cases, when we run apt-get install openvas, the error is generated. The openvas package could not be located, in this case TechnoWikis has the solution to it.

For this, we will access the /etc/apt/sources.list directory using the desired editor:

 nano /etc/apt/sources.list 
There we must add the following lines:
 deb http://http.kali.org/kali kali-rolling main contrib non-free deb http://old.kali.org/kali sana main non-free contrib deb http://old.kali.org/kali moto main non-free contrib 
We save the changes and run apt-get update to update the system and thus be able to download and install OpenVAS.
image

Login Join up!


by (3.5m points)
edited

Related questions

+3 votes
3 answers
asked Feb 26, 2020 in Security by backtothefuture (551k points) | 44.5k views
+4 votes
1 answer
+4 votes
1 answer
asked Jun 24, 2019 in Security by backtothefuture (551k points) | 248 views
+4 votes
1 answer
asked Feb 1, 2020 in Security by backtothefuture (551k points) | 2.3k views
+4 votes
1 answer
asked Aug 21, 2019 in Security by backtothefuture (551k points) | 320 views
Sponsored articles cost $40 per post. You can contact us via Feedback
10,632 questions
10,764 answers
510 comments
3 users