
OpenVas

The OpenVAS GVM Vulnerability Scanner is an advanced, open-source security tool designed for comprehensive vulnerability assessment and management. It efficiently scans and identifies potential security weaknesses in network services and software systems. AWS Marketplace: Openvas

OpenVAS GVM Login:

  • ssh into your server: ssh kali@ip-of-server
  • Run from Terminal to find your instance id - curl -s http://169.254.169.254/latest/meta-data/instance-id
  • Recommended: Update gvm feeds ( Takes a while ) > sudo gvm-feed-update
  • Go to your browser - https://ip-of-server
  • Login - username: admin password: instance id

OpenVas Basics:

  • Dashboard: Check Feeds > Administration > Feed Status
  • Dashboard: Create a new Target > Configuration > Target > Select - Top Left: Paper W/ Star > New Target > Enter IP or CIDR range > Choose your options
  • Dashboard: Create a New Port List > Configuration > Port List > Select - Top Left: Paper W/ Star > New Port List
  • Dashboard: Quick Scan > Scans > Tasks > Select - Top Left: Paper W/ Star > New Task > Select Target > Set to once > Start
  • Terminal: Update Password > sudo runuser -u _gvm -- gvmd --user=admin --new-password=decyphertek && sudo systemctl daemon-reload && sudo systemctl restart gvmd
  • Terminal: Update Feeds > sudo gvm-feed-update
  • Terminal: Add New user > sudo runuser -u _gvm -- gvmd --create-user=newuser --new-password=password
  • Getting Started W/ Openvas GVM > https://www.youtube.com/watch?v=LGh2SetiKaY
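
An added example (not part of the product's own scripts) covering the login and password-update steps above: it reads the instance id with an IMDSv2 session token, which also works on instances where the plain curl returns nothing because IMDSv1 is disabled, and replaces the default admin password (the instance id) with a random one using the gvmd command from this page. The function names and the --rotate switch are assumptions of this example.

```shell
#!/bin/sh
# Added example, not vendor code. Function names and --rotate are hypothetical.

IMDS="http://169.254.169.254/latest"

# Print the instance id, requesting an IMDSv2 session token first.
get_instance_id() {
    token=$(curl -s -f -m 3 -X PUT "$IMDS/api/token" \
        -H "X-aws-ec2-metadata-token-ttl-seconds: 60") || return 1
    curl -s -f -m 3 -H "X-aws-ec2-metadata-token: $token" \
        "$IMDS/meta-data/instance-id"
}

# Succeed only for strings shaped like an EC2 instance id
# (i- followed by 8 or 17 lowercase hex digits).
is_instance_id() {
    printf '%s\n' "$1" | grep -Eq '^i-([0-9a-f]{8}|[0-9a-f]{17})$'
}

# Print 16 random bytes as 32 hex characters (128 bits of entropy).
gen_password() {
    od -An -tx1 -N16 /dev/urandom | tr -d ' \n'
}

# Set the admin password with the gvmd command shown on this page, then
# print it once so it can be stored in a password manager.
# The value is briefly visible in the process list while gvmd runs.
rotate_admin_password() {
    new_pw=$(gen_password)
    sudo runuser -u _gvm -- gvmd --user=admin --new-password="$new_pw" \
        && sudo systemctl daemon-reload \
        && sudo systemctl restart gvmd || return 1
    printf '%s\n' "$new_pw"
}

# Act only when asked, so sourcing this file just defines the functions.
if [ "${1:-}" = "--rotate" ]; then
    id=$(get_instance_id) && is_instance_id "$id" || {
        echo "could not read a valid instance id from IMDS" >&2
        exit 1
    }
    echo "default admin password (instance id): $id"
    echo "new admin password: $(rotate_admin_password)"
fi
```

Run it on the server with the --rotate argument after the first successful login.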

Troubleshooting:

  • AWS Basics - https://decyphertek.readthedocs.io/en/latest/products/aws-basics/
  • Check the status of GVM > sudo systemctl status gvmd
  • Stop GVM > sudo gvm-stop -h
  • Start GVM > sudo gvm-start -h

Security Features:

  • Ossec Hids - https://decyphertek.readthedocs.io/en/latest/technotes/OSSEC/
  • Crowdsec IPS - https://decyphertek.readthedocs.io/en/latest/technotes/Crowdsec/
  • UFW Host Firewall - https://decyphertek.readthedocs.io/en/latest/technotes/UFW/
  • Auditd Logging - https://decyphertek.readthedocs.io/en/latest/technotes/Auditd/
  • Automated Updates - Update script upon first boot and at 1am daily.

References:

  • https://www.kali.org/
  • https://openvas.org/