Perform a Network Vulnerability Scan with OpenVAS
Objective
Learn how to perform a comprehensive network vulnerability scan using OpenVAS (Open Vulnerability Assessment System) to identify security weaknesses in a target environment.
Purpose
OpenVAS is a powerful vulnerability scanning tool used to:
- Identify misconfigurations, outdated software, and security flaws.
- Generate detailed reports for remediation.
- Simulate real-world attacks to enhance network security.
Tools Required
- Kali Linux (or another Linux distribution with OpenVAS installed).
- Target systems (physical or virtual machines) for scanning.
Lab Topology
- Kali Linux: Running OpenVAS.
- Target Systems: Devices or virtual machines within your network.
Note: Ensure you have explicit permission to scan the target systems.
Walkthrough
Task 1: Installing OpenVAS
- Update the System:
sudo apt update && sudo apt upgrade -y
- Install OpenVAS:
sudo apt install openvas -y
- Initialize OpenVAS:
sudo gvm-setup
- This command downloads and configures the necessary components.
- The process may take several minutes.
- Start OpenVAS Services:
sudo gvm-start
- Access the Web Interface:
- Open a web browser and navigate to:
https://<kali_ip>:9392
- Replace
<kali_ip>
with the IP address of your Kali Linux machine. - Log in with the default credentials:
- Username:
admin
- Password: Generated during the setup (shown in the terminal).
- Username:
- Open a web browser and navigate to:
Task 2: Configuring OpenVAS
- Update Feeds:
- Once logged in, navigate to Administration > Feed Status.
- Ensure all feeds (e.g., SCAP and CERT) are up-to-date.
- If not, click Update Feeds.
- Create a Scan Target:
- Go to Configuration > Targets.
- Click New Target.
- Provide the following details:
- Name: Enter a descriptive name (e.g., “Internal Network”).
- Hosts: Specify the target IP or range (e.g.,
192.168.1.0/24
). - Port List: Use the default or customize as needed.
- Save the target.
Task 3: Creating and Running a Vulnerability Scan
- Create a New Task:
- Navigate to Scans > Tasks.
- Click New Task.
- Fill in the details:
- Name: Enter a descriptive name (e.g., “Vulnerability Scan”).
- Scan Targets: Select the target you created earlier.
- Scan Config: Use “Full and Fast” for a comprehensive scan.
- Save the task.
- Start the Scan:
- Select the task from the list.
- Click the Start Scan button.
- Monitor the Progress:
- Go to Scans > Running Scans to view the scan status.
- Wait for the scan to complete (this may take time depending on the target size).
Task 4: Reviewing Scan Results
- Access Scan Results:
- Navigate to Scans > Reports.
- Click on the completed scan to view the details.
- Analyze Vulnerabilities:
- Review the severity levels:
- High: Critical vulnerabilities requiring immediate action.
- Medium: Moderate issues that should be addressed.
- Low: Informational or minor issues.
- Review the severity levels:
- Export the Report:
- Click Download Report.
- Choose the desired format (e.g., PDF, HTML, or XML).
- Plan Remediation:
- Use the report to prioritize fixes for high and medium-severity vulnerabilities.
Task 5: Best Practices for Using OpenVAS
- Update Regularly:
- Ensure OpenVAS feeds are up-to-date to detect the latest vulnerabilities.
- Use Credentialed Scans:
- Configure credentials for better insights into system vulnerabilities.
- Scan in a Controlled Environment:
- Avoid scanning production systems without prior authorization.
- Document and Track:
- Keep a record of scan results and remediation progress.
Key Takeaways
- OpenVAS is a comprehensive vulnerability scanning tool suitable for identifying and addressing security weaknesses.
- Configuring targets and tasks properly ensures accurate and actionable results.
- Regular scans and feed updates are essential for maintaining network security.
Troubleshooting Tips
- Web Interface Not Accessible:
- Ensure OpenVAS services are running:
sudo gvm-check-setup
- Ensure OpenVAS services are running:
- Login Issues:
- Reset the admin password:
sudo gvmd --user=admin --new-password=<new_password>
- Reset the admin password:
- Scan Failures:
- Verify network connectivity between the scanner and target systems.
- Check for firewall rules blocking the scan.
By completing this lab, you’ve gained hands-on experience with OpenVAS, a key tool for vulnerability management and assessment.