From Fedora Project Wiki
No edit summary
No edit summary
 
(16 intermediate revisions by the same user not shown)
Line 1: Line 1:
{{QA/Test_Case
{{QA/Test_Case
|description=Using OpenVAS to scan a hosts or network for vulnerabilities.
|description=This test case tests the ability of OpenVAS to scan a host or network for vulnerabilities.
|setup=
|setup=
* A remote host with various network services (SSH, HTTP, DNS, SMTP ...).
* A remote host with various network services (SSH, HTTP, DNS, SMTP ...) is required. For example: a Linux server with OpenSSH, Apache HTTPd, ISC BIND, Postfix or Sendmail.
For example: a Linux server with OpenSSH, Apache HTTPd, ISC BIND, Postfix or Sendmail; with ports opened in the firewall (or disable iptables temporary with: '''service iptables stop''')
* Open ports of the scanned services in the remote host firewall.
* Install OpenVAS packages:
* Ensure that {{package|openvas-scanner}}, {{package|openvas-libraries}}, {{package|openvas-client}} packages are installed.
<pre>yum install openvas-scanner openvas-libraries openvas-client</pre>
|actions=
|actions=
# Start OpenVAS scanner: '''/etc/init.d/openvas-scanner'''
# Start OpenVAS scanner: {{command| /etc/init.d/openvas-scanner start}}
# Create a new certificate: '''openvas-mkcert'''
# Create a new certificate: {{command|openvas-mkcert}}
# Add a OpenVAS user: '''openvas-adduser'''
# Add a OpenVAS user: {{command|openvas-adduser}}
# Update the NVTs: '''openvas-nvt-sync'''
# Update the NVTs: {{command|openvas-nvt-sync}}
# Restart OpenVAS scanner (take a while for the first time): '''/etc/init.d/openvas-scanner restart'''
# Restart OpenVAS scanner (take a while for the first time): {{command|/etc/init.d/openvas-scanner restart}}
# Start OpenVAS client: '''openvas-client''' (Or System Tools > OpenVAS Client)
# Start OpenVAS client: {{command|openvas-client}} (or System Tools > OpenVAS Client)
# Connect to OpenVAS server with the user created in step 3.
# Create a new scan using the client and wait until it finishes.
# Create a new scan using the client and wait until it finishes.
# Export the report to a HTML or PDF.
# Export the report to HTML or PDF.
|results=
|results=
# The scan should finish correctly.
# The scan should finish correctly.
# In the report, you should see the network services being scanned and vulnerabilities reported if exist.
# In the report, you should see the network services being scanned and vulnerabilities reported.
}}
}}

Latest revision as of 22:22, 28 May 2011

Description

This test case tests the ability of OpenVAS to scan a host or network for vulnerabilities.

Setup

  • A remote host with various network services (SSH, HTTP, DNS, SMTP ...) is required. For example: a Linux server with OpenSSH, Apache HTTPd, ISC BIND, Postfix or Sendmail.
  • Open ports of the scanned services in the remote host firewall.
  • Ensure that Package-x-generic-16.pngopenvas-scanner, Package-x-generic-16.pngopenvas-libraries, Package-x-generic-16.pngopenvas-client packages are installed.

How to test

  1. Start OpenVAS scanner: /etc/init.d/openvas-scanner start
  2. Create a new certificate: openvas-mkcert
  3. Add a OpenVAS user: openvas-adduser
  4. Update the NVTs: openvas-nvt-sync
  5. Restart OpenVAS scanner (take a while for the first time): /etc/init.d/openvas-scanner restart
  6. Start OpenVAS client: openvas-client (or System Tools > OpenVAS Client)
  7. Connect to OpenVAS server with the user created in step 3.
  8. Create a new scan using the client and wait until it finishes.
  9. Export the report to HTML or PDF.

Expected Results

  1. The scan should finish correctly.
  2. In the report, you should see the network services being scanned and vulnerabilities reported.



Retrieved from "https://fedoraproject.org/w/index.php?title=User:Athmane/QA_Testcase_OpenVAS&oldid=238544"