It is said that OpenVAS is a branch of Nessus. After Nessus 3.0 being to change the license, must pay for commercial use, or free download the Home Edition (limit personal use only).
OpenVAS will remain open source license, and Plugins constantly updated, be an alternative to Nessus outside, Kali (another version of BackTrack's) has built OpenVAS, but not completely installed, or is installed in the main program, but other related modules (similar to the Nessus plugins) is not installed, so use OpenVAS Kali must be completed on a this setting, follow these steps (only the first user to perform):
root@kali104:/# openvas-mkcert -q ;establishment of SSL Server Certificates
root@kali104:/# openvas-mkcert-client -n root -i ;establish the credentials Client
root@kali104:/# openvas-nvt-sync ;download (filled) plugins, please be patient it done
root@kali104:/# openvassd ;execution (load) openvas the service, please let it needs to perform heart
root@kali104:/# openvasmd --rebuild ; reconstruction OpenVASE database
root@kali104:/# openvas-scapdata-sync ;sync scapdata
root@kali104:/# openvas-certdata-sync ;sync evidence
root@kali104:/# openvasad -c add_user -n admin -r Admin ;create an administrator account root
root@kali104:/# openvas-check-setup ;checking whether fully installed OpenVAS
root@kali104:/# openvas-adduser ;Set up user accounts
openvas-mkcert : SSL certificate is established, the parameter-q straight to the default value is created, if not the parameter-q, will gradually ask.
openvas-mkcert-client:Client certificate is established, the parameter-n [NAME] Specifies the user name and user registration OpenVAS Scanner, parameter-i is attached to this certificate OpenVAS Manager, establish information will exist / var / lib / openvas / users / directory
openvas-nvt-sync:update OpenVAS Pluginss utility from after Kali Image has now been established there are many updates, so execution openvas-nvt-sync after a long time to wait!
openvasmd:This is openvas management programs, - rebuld rebuilding database
openvasad:OpenVAS Management is "manager" style public works, can view the available parameter-h
root@kali104:/# openvas-nvt-sync ;remember to frequently update
root@kali104:/# openvasmd --rebuild ;After the sync finished, let it run about rebuild
root@kali104:/# openvas-scapdata-sync ;sync scapdata
root@kali104:/# openvas-certdata-sync ;sync evidence
root@kali104:/# openvas-scanner start ; in / etc / init.d /
root@kali104:/# openvas-manager start
root@kali104:/# openvas-administrator restart
root@kali104:/# greenbone-security-assistant restart
You have to run above command every time that sytem restarted. So, you can write
them to a bash file as:
#! /bin/bash
clear
openvas-nvt-sync
openvasmd --rebuild
openvas-scapdata-sync
openvas-certdata-sync
openvas-scanner start
openvas-manager start
openvas-administrator restart
greenbone-security-assistant restart
For example, save above text to file 'run_openvas'
and
chmod + x run_openvas
Now, you run them ty type
. / run_openvas
After server is up, How
can we to perform scan task? In the Browser(ex, IE, FireFox...) browse to
https:// <openvas-server的IP> : 9392 / /
Port 9392 is greenbone-security-assistant port through greenbone-security-assistant UI interface provided on OpenVAS on the target computer can scan!
After note: I have to sync openvas-nvt-Sync, openvas-scapdata-Sync spent a total of two days, because the download speed may be too slow, there are only a few dozen-Byte to a dozen-KB speed, during downloading also take to break, so the first time be more patient!