From Fedora Project Wiki

Description

Using OpenVAS to scan a host or network for vulnerabilities.

Setup

  • A remote host with various network services (SSH, HTTP, DNS, SMTP ...).

For example: a Linux server with OpenSSH, Apache HTTPd, ISC BIND, Postfix or Sendmail. Note: the ports of the scanned services must be opened in the firewall.

  • Install OpenVAS packages:
yum install openvas-scanner openvas-libraries openvas-client

How to test

  1. Start OpenVAS scanner: /etc/init.d/openvas-scanner start
  2. Create a new certificate: openvas-mkcert
  3. Add an OpenVAS user: openvas-adduser
  4. Update the NVTs: openvas-nvt-sync
  5. Restart OpenVAS scanner (this takes a while the first time): /etc/init.d/openvas-scanner restart
  6. Start OpenVAS client: openvas-client (Or System Tools > OpenVAS Client)
  7. Log in with the user created in step 3.
  8. Create a new scan using the client and wait until it finishes.
  9. Export the report to HTML or PDF.

Expected Results

  1. The scan should finish correctly.
  2. In the report, you should see the network services that were scanned and any vulnerabilities found, if they exist.