Basic OpenVAS vulnerability scan Tutorial: Creating user groups and Roles

Basic OpenVAS vulnerability scan Tutorial: Creating user groups and Roles
In the Basic tutorial of OpenVAS vulnerability scan, creating a user group and creating a user group using the OpenVAS role refer to the combination of multiple users. In the network, the permissions of users accessing the network may be different. Therefore, users with the same permissions can be grouped into one group. In this way, you do not need to set permissions for a specific user. You only need to set group permissions. The following describes how to create a user group. The procedure is as follows:
(1) On the main interface of OpenVAS, click Administration | Groups to open the user group interface, as shown in Figure 1.16.

Figure 1.16 group page
(2) you can see from this interface that no group has been created yet. On this page, click (new group) to open the page shown in 1.17.

Figure 1.17 create a group
(3) There are three configuration items on the interface. The meaning of each configuration item is as follows:

Q Name: Name of the new group

Q Comment: Set comments. You can leave it unspecified.

Q Users: Set the Users to join the group.

In this example, create a group named TestTeam and add bob and alice to the group. Content 1.18 is displayed.

Figure 1.18 new group information

(4) Click Create Group to Create a TestTeam Group. After the TestTeam group is created, the page shown in 1.19 is displayed.

Figure 1.19 Group details

(5) The detailed information of the TestTeam group is displayed on this page. Click a button on the page to return to the user group list page, as shown in Figure 1.20.

Figure 1.20 New Group

(6) you can see from this interface that the TestTeam group has been successfully created. You can click the four icons under Actions on the right to delete, edit, clone, and export the group information as XML. The specific implementation method is similar to the user operation, so we will not introduce this here.

To verify whether bob and alice are successfully added to the TestTeam group, you can run the Administration | Users command to view user information, as shown in Figure 1.21.

Fig 1.21 user interface

You can see from this interface that bob and alice are already in the TestTeam group.

Tip: it is important to create a group when a large number of users need to manage it. If there are only a few users, there is no need to create a group.

Create a role in OpenVAS

Roles are users with different levels of permissions. By default, OpenVAS creates seven roles: Admin (Administrator), Guest (Guest user), Info (Information Browsing), Monitor (performance monitoring), and Observer (Observer) super Admin and User ). The Super Admin user has the highest permissions. If none of these roles meet your needs, you can manually create a new role.

[Example 1-3] Create a role. The procedure is as follows:

(1) On the main interface of OpenVAS, click the Administration | Roles command to open the role list page, as shown in Figure 1.22.

Fig 1.22 role list

(2) There are seven roles by default. You can click a role name to view its permissions. For example, to view the permissions of the Info role, the page shown in 1.23 is displayed.

Figure 1.23 permissions of the Info role

(3) The Info role has eight permissions. For example, authenticate (Logon Allowed), commands (multiple OMP commands can be run at a time), and get_aggregates (aggregates can be read. You can also click the icon under Actions to view details of each permission. On this page, click (create role) to open the create role page, as shown in Figure 1.24.

Figure 1.24 create a role

(4) enter the role Name in the Name text box of the interface; enter the Comment information in the Comment text box; and enter the user who uses the role in the Users text box. The role information created in this example, as shown in Figure 1.24. Then, click Create Role to Create a Role. The page shown in 1.25 is displayed.

Figure 1.25 role details

(5) The detailed information of the new TestTeam role is displayed. The displayed information shows that the role does not have any permissions. Click the icon to edit the role and set new permissions, as shown in Figure 1.26.

Figure 1.26 edit role page

(6) You can modify the role name, user, and permissions on this page. All permissions can be viewed in the text box on the right of Name in New Permission. For example, select the authenticate (May login) Permission and click Create Permission. You can use this method to create multiple permissions in sequence. After the permission is created, the created permission is displayed under Permissions, as shown in Figure 1.27.

Figure 1.27 new Permissions

(7) The authenticate and commands permissions are created on this page. If you want to delete a permission, click the icon in Actions. On this page, you can also create permissions for groups. For example, select TestTeam as the group, and click Create Permissons to Create the group. After creation, click the icon to return to the role list, as shown in Figure 1.28.

Fig 1.28 role list

(6) The new role named TestTeam is displayed on this page. Click the role to view its details, as shown in Figure 1.29. On this page, you can also click four icons to delete, edit, clone, and export roles as XML.

Figure 1.29 details of the TestTeam role

Tip: To grant different permissions to users in OpenVAS, you can assign different permissions to users by creating different roles and adding users to the roles.