I am here again after quite a long time now. The reason was simply my MS Degree. For those of you who does not know i started my MS degree in Information Security. Luckily i got admission in one of the top University of Pakistan, NUST (National University of Science and Technology). Any ways, today my topic for this blog post is OpenVAS, The world’s most advanced open source vulnerability scanner and manager.
OpenVAS is the abbreviation of Open Vulnerability Assessment System. OpenVAS is basically a framework of different services which not only provides the vulnerability scanning solution but also provides the vulerability management solution. OpenVAS Vulnerability tests are carried out using Network Vulnerability Tests feeds which are usually updated daily.
Let me first explain the architecture of the OpenVAS.
The core of the OpenVAS is its scanner called OpenVAS Scanner. The OpenVAS Scanner scans the target system by using NVTs which are updated daily and available freely but commercials feeds can also be used with scanner for scanning.
OpenVAS Manager is the service which uses the plain scanning of OpenVAS Scanner and provides the vulnerability management solution. It controls the scanner via OTP which is OpenVAS Transfer protocol and itself offers XML based OpenVAS Management Protocol (OMP). The Manager also interacts with a database which stores configurations related to the OpenVAS and also stores the scanning results. It also handles user management.
There are two basic clients available to interact with OpenVAS Manager for performing various tasks.
Greenbone Secuirty Assistant
Greenbone Secuirty Assistant (GSA) is a web based client offering an easy to use interface to perform various tasks related to OpenVAS.
OpenVAS CLI contains the command line tool “omp” which allows to create batch processes to drive OpenVAS Manager.
The Whole working of the OpenVAS can be described by the following picture taken from http://openvas.org
You can comment and ask any question if you have about OpenVAS.