What is OpenVAS?

OpenVAS (Open Vulnerability Assessment System) is a comprehensive vulnerability scanner and security assessment tool. It’s part of Greenbone Security Manager and performs network security testing by scanning systems for thousands of known vulnerabilities and misconfigurations. The tool uses a regularly updated feed of Network Vulnerability Tests (NVTs) to detect security issues, provides detailed reports, and can be managed through a web interface. OpenVAS is popular among security professionals and system administrators because it’s open-source and offers capabilities similar to commercial vulnerability scanners.

How to install it?

First, we need to update our system.

sudo apt update && sudo apt upgrade -y

Then, we need to install docker.

sudo apt install docker.io

Final, start the OpenVAS docker container

docker run -d -p 443:443 --name openvas mikesplain/OpenVAS

Starting a Scan

  1. Navigate to https://127.0.0.1:443
  • Use default login credentials: admin:admin
  1. Go to Assets > Hosts
  • Scroll down
  • Click the star icon under Actions
  1. Enter target IP address
  • Type in the IP of the machine to scan
  1. Create new task
  • Navigate to Dashboard
  • Click the star icon
  • Click New Task
  • Click Create
  1. Start scan
  • Under Actions, click Start button
  • Wait for scan to complete

Conclusion

OpenVAS provides a powerful, open-source solution for vulnerability assessment that’s both accessible and effective. Through a simple Docker installation process and an intuitive web interface, users can quickly set up and begin scanning their systems for potential security vulnerabilities. Whether you’re a security professional or system administrator, OpenVAS offers a robust set of tools comparable to commercial alternatives, making it an excellent choice for organizations looking to strengthen their security posture. By following the steps outlined above, you can start identifying and addressing potential security risks in your network infrastructure immediately. Remember to regularly update your OpenVAS installation to ensure you have the latest vulnerability definitions and maintain optimal security scanning capabilities.