Connection to OpenVAS and OpenVAS vulnerability scan

Connection to OpenVAS and OpenVAS vulnerability scan
Connection to OpenVAS connection

After you install and configure OpenVAS, you can use different clients to connect to the server. Then, vulnerability scanning is performed on the target host. In this tutorial, you will use the simplest browser client to connect to the OpenVAS service. This method is not only simple, but also allows users to connect to the server in any system. If you use other methods, you must install the OpenVAS client program on the client. This section describes how to connect to and manage OpenVAS.

Start OpenVAS

Since OpenVAS works based on the C/S (Client/Server) and B/S (Browser/Server) architectures. Therefore, to use this tool, you must first start the OpenVAS service before the client can connect and use it. The following describes how to start the OpenVAS service.

1. Start the service

Generally, after the plug-in is updated, several programs corresponding to the OpenVAS service will start. Therefore, before starting a service, you can run the netstat command to check whether the service has been started. By default, OpenVAS listens to ports 9390, 9391, and 9392. Therefore, you can execute the following command:

• Root @ Kali :~ # Netstat-antp | grep 939 *

• Active Internet connections (servers and established)

• Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name

• Tcp 0 0 127.0.0.1: 9390 0.0.0.0: * LISTEN 24705/openvasmd

• Tcp 0 0 127.0.0.1: 9391 0.0.0.0: * LISTEN 24690/openvassd: Wa

• Tcp 0 0 127.0.0.1: 9392 0.0.0.0: * LISTEN 24718/gsad

From the output information, we can see that all three ports starting with 939 have been listened on, and the host address of the listener is 127.0.0.1. This indicates that the OpenVAS service has been started and only access from the local loopback address 127.0.0.1 is allowed. If the above information is not displayed, the service is not started. In this case, you can use the openvas-start command to start the service, as shown below:

• Root @ Kali :~ # Openvas-start

• Starting OpenVas Services

• Starting Greenbone Security Assistant: gsad.

• Starting OpenVAS Plugin: openvassd.

• Starting OpenVAS Manager: openvasmd.

If the preceding information is displayed, the OpenVAS service is successfully started. If the OpenVAS service has been started, an error occurs when you execute the preceding command. As follows:

• Starting OpenVas Services

• Starting Greenbone Security Assistant: ERROR.

• Starting OpenVAS failed: ERROR.

• Starting OpenVAS Manager: ERROR.

From the output information, we can see that all three OpenVAS programs are displayed as ERROR ).

2. Stop the service

When you modify some configurations, you often need to restart the service to make the configuration take effect. Therefore, you must stop the service before restarting it. Stop the OpenVAS service and run the following command:

• Root @ kali :~ # Openvas-stop

• Stopping OpenVas Services

• Stopping Greenbone Security Assistant: gsad.

• Stopping OpenVAS Plugin: openvassd.

• Stopping OpenVAS Manager: openvasmd.

From the output information, we can see that all services related to OpenVAS have been stopped. Then run the openvas-start command to restart the OpenVAS service.

Tip: Use the openvas-stop or openvas-start command to stop or start three programs in OpenVAS, namely Greenbone Security Assistant, OpenVAS plugin, and OpenVAS Manager. If you want to start or stop a single service, you can use the service command. The syntax format is as follows:

• Service [service name] start | stop

The service names corresponding to the preceding three programs are greenbone-security-assistant, openvas-plugin, and openvas-manager.

OpenVAS Connection Service

After the OpenVAS service is successfully started, you can connect to the service and scan it. According to the previous introduction, you can see that OpenVAS has three different client programs: OpenVAS command line interface, Greenbone installation assistant, and Greenbone desktop suite. In addition, the client can be used in any operating system. In Kali Linux, The Greenbone installation assistant is installed by default. Therefore, you can use a browser to connect to the OpenVAS service in any operating system. The following describes how to connect to the service.

1. Set the address of the OpenVAS Server

By default, OpenVAS allows only 127.0.0.1 (local loopback address) to connect to the service. In other words, other clients cannot log on. If you want to log on to another client, you need to modify the GSA_ADDRESS configuration item in the OpenVAS configuration file. The main configuration file of OpenVAS is saved in/etc/default/greenbone-security-assistant by default. Open the file in the VI editor. The configuration items of GSA_ADDRESS are as follows:

• Root @ Kali :~ # Vi/etc/default/greenbone-security-assistant

• GSA_ADDRESS = 127.0.0.1

In this case, you only need to change 127.0.0.1 to the address of the local Ethernet interface. For example, if the local Ethernet interface address is 192.168.1.108, the modification is as follows:

• GSA_ADDRESS = 192.168.1.108

After modifying the preceding content, save and exit the configuration. Then, restart the OpenVAS service to make the configuration take effect.

Some default settings of OpenVAS are set in the greenbone-security-assistant file, such as the default port, address, and certificate. The following describes several other configuration items:

• GSA_PORT = 9392 # default listening port of GSA

• # GSA_SSL_PRIVATE_KEY = # specify the GSA Private Key File

• # GSA_SSL_CERTIFICATE = # specify the GSA Certificate

• # GSA_REDIRECT = 1 # Set HTTP redirection

• # GSA_REDIRECT_PORT = 9394 # port of the GSA redirection listener

• MANAGER_ADDRESS = 127.0.0.1 # address listened to by default by OpenVAS

• MANAGER_PORT = 9390 # default listening port of OpenVAS

The above is an introduction to several configuration items. The configuration item is preceded by the "#" symbol, indicating that the configuration item is disabled. If you need to set these configuration items, remove the "#" symbol. In addition, you can reset the new address or port.

2. Connect to the OpenVAS Server

[Example 1-2] connect to the OpenVAS service. The procedure is as follows:

(1) Enter https: // ip address: 9392/address in the address bar of the browser to log on to the OpenVAS server. Here, the IP address is the address specified by GSA_ADDRESS. 9392 refers to the port listened to by OpenVAS by default, that is, the value of GSA_PORT configuration item. If you set it to another port, the port entered here is the port specified by the user. After successful login, a trusted connection interface is displayed, as shown in Figure 1.2.

Note: When connecting to the OpenVAS service, the entered address uses https instead of http.

Figure 1.2 untrusted links

(2) The Connection accessed in the browser is displayed as untrusted. This is because the connection uses the https protocol and the correct certificate is not provided. On this page, click the I Understand the Risks command. the page shown in 1.3 is displayed.

(3) The interface prompts the risks of accessing the connection. If the connection is correct, click Add Exception to Add an Exception, as shown in Figure 1.4.

Figure 1.3 risk information Figure 1.4 add exceptions

(4) The connection information for the exception is displayed. Click Confirm Security Execption to Confirm that you want to trust the connection. After the connection is trusted, the interface shown in 1.5 is displayed.

Figure 1.5 OpenVAS logon page

(5) This is the logon interface of OpenVAS. you can log on to this service by entering the user name and password. Here, the username is the admin user automatically created when OpenVAS is configured. The password is 123456. Enter the user name and password, and click the Login button to log on to OpenVAS. After successfully logging on to the service, the page shown in 1.6 is displayed.

Figure 1.6 Main Interface of OpenVAS

Tip: The displayed content is in English. This is because the Kali Linux system is an English version system. If the user uses a Chinese version of the client (such as Windows 7 and Android devices), the content displayed after logon is Chinese.

(6) If you see the content displayed on this page, it means that you have successfully logged on to the OpenVAS service.

Note: After you restart the system, you need to restart the service if you want to use the OpenVAS tool. Otherwise, you cannot log on to the server. If an error occurs when you start the service, use the openvas-setup command to re-Synchronize the database and automatically start the service.

This article is selected from: OpenVAS basic vulnerability scan tutorial Ba internal information, reprinted please indicate the source, respect technology respect it people!

Copyright Disclaimer: This article is an original article by the blogger and cannot be reproduced without the permission of the blogger.