search

OpenVAS Scan

hashtag
Scans Section:

hashtag
Configurations

  1. Before performing any Scans, it is best to configure the targets of the scan

  2. Under: Configuration > Targets

hashtag
Adding your Target

To add your own, click the icon highlighted below and add an individual target or a host list. You also can configure other options such as the ports, authentication, and methods of identifying if the host is reachable. For the Alive Test, the Scan Config Default option from OpenVAS leverages the NVT Ping Host in the NVT Family. You can learn about the NVT Family herearrow-up-right.

hashtag
Autenticated Scans

  • Typically an authenticated utilizes the highest level privilege account, for example the root or Administrator account,

  • This will provide the greatest details within the scan

Once the target has been added, it will appear in the list below

hashtag
Setting up a Scan

Once you have added a target, you can proceed to setting up a scan

Multiple scan configurations leverage OpenVAS Network Vulnerability Test (NVT) Families, which consist of many different categories of vulnerabilities, such as ones for Windows, Linux, Web Applications, etc. You can see a few different types of families shown below:

hashtag
Recommended Scan Types

  • Base: This scan configuration is meant to enumerate information about the host's status and operating system information. This scan configuration does not check for vulnerabilities.

  • Discovery: This scan configuration is meant to enumerate information about the system. The configuration identifies the host's services, hardware, accessible ports, and software being used on the system. This scan configuration also does not check for vulnerabilities.

  • Host Discovery: This scan configuration solely tests whether the host is alive and determines what devices are active on the network. This scan configuration does not check for vulnerabilities as well. OpenVAS leverages ping to identify if the host is alive.

  • System Discovery: This scan enumerates the target host further than the 'Discovery Scan' and attempts to identify the operating system and hardware associated with the host.

  • Full and fast: This configuration is recommended by OpenVAS as the safest option and leverages intelligence to use the best NVT checks for the host(s) based on the accessible ports.

hashtag
Creating Your Own Scan

  1. You can create your own scan by navigating to the 'Scans' tab and clicking the wizard icon

  1. Once you click the wizard icon, a panel will show up

  1. Then you have to input the information according to your scan criteria, for example:

PreviousInstalling OpenVASNextExporting Scans

Last updated