OpenVAS



  • Hi,

    I recently stumbled upon OpenVAS ... has anyone used it?



  • I have not. I might dl it and throw it on an Ubuntu server when I have some time at work, see what happens.



  • I've used it a few times. It has been a while though. It seems to work well if you give it enough RAM, etc.



  • I haven't used it but it seems like a very useful tool from what I've read so far.



  • In your guys' experience, how difficult is this to set up for the targets?

    It does seem to be useful, just curious how far into the system I'd have to get before I saw some usable returns.



  • From what I remember, it was easy to set up... Just pick the Subnets (or individual servers) that you want to scan, and pick what scans you want it to do... Start the scan, and wait for it to generate a report.



  • @dafyre said in OpenVAS:

    From what I remember, it was easy to set up... Just pick the Subnets (or individual servers) that you want to scan, and pick what scans you want it to do... Start the scan, and wait for it to generate a report.

    I'll spin it up and give it a go again to make sure it's still what I remember.



  • I set it up a few months back. (Still have it on my XS in fact.)

    I had a few issues getting it set up, but eventually got it to work.



  • @dafyre said in OpenVAS:

    From what I remember, it was easy to set up... Just pick the Subnets (or individual servers) that you want to scan, and pick what scans you want it to do... Start the scan, and wait for it to generate a report.

    How effective/accurate is it?



  • I'm just taking a blind guess that the "demo" version is marked as so, but not limited in any way?



  • @DustinB3403 said in OpenVAS:

    I'm just taking a blind guess that the "demo" version is marked as so, but not limited in any way?

    It's all free and open source. I don't think there is a demo.



  • @Veet said in OpenVAS:

    @dafyre said in OpenVAS:

    From what I remember, it was easy to set up... Just pick the Subnets (or individual servers) that you want to scan, and pick what scans you want it to do... Start the scan, and wait for it to generate a report.

    How effective/accurate is it?

    That's one of the things I never actually got working. Couldn't figure out the scanning. I am sure it works, just didn't have the time to figure out what I needed.

    Hmmm, what would @scottalanmiller say here?

    SAM: "that's like building a car, and not knowing if it drives or not"



  • http://www.openvas.org/vm.html

    Demo is plainly listed, I'm guessing that is just put there to say, hey if you want to do this, you should really build from sources.



  • @DustinB3403 said in OpenVAS:

    http://www.openvas.org/vm.html

    Demo is plainly listed, I'm guessing that is just put there to say, hey if you want to do this, you should really build from sources.

    Yeah, no idea what that is.



  • @DustinB3403 said in OpenVAS:

    http://www.openvas.org/vm.html

    Demo is plainly listed, I'm guessing that is just put there to say, hey if you want to do this, you should really build from sources.

    Scroll down to the bottom of the page, and you'll read the following:

    ***Important note on these Virtual Appliances

    Please note that these virtual appliances are for demonstration/testing purposes and not recommended for regular production uses, particularly for more than a few hosts depending on local system resources. The OpenVAS scanner is resource intensive and may take a long time to start on slower systems, especially when run as a VM on laptops.***



  • The DEMO build is just an OVA that you can import into VMware / VirtualBox and be ready to go in a few minutes... Sadly, their image download seems to be overloaded... A whopping 14 kbit/sec download for me...and the appliance is 3GB... So I'm building from Ubuntu and going to try the OpenVAS9 PPA.

    Edit: Clarity.



  • @dafyre said in OpenVAS:

    The DEMO build is just an OVA that you can import into VMware / VirtualBox and be ready to go in a few minutes... Sadly, their image download seems to be overloaded... A whopping 14 kbit download for me... So I'm building from Ubuntu and going to try the OpenVAS9 PPA.

    Right.

    It's not a working appliance like Graylog, or XO.



  • @Veet said in OpenVAS:

    @DustinB3403 said in OpenVAS:

    http://www.openvas.org/vm.html

    Demo is plainly listed, I'm guessing that is just put there to say, hey if you want to do this, you should really build from sources.

    Scroll down to the bottom of the page, and you'll read the following:

    ***Important note on these Virtual Appliances

    Please note that these virtual appliances are for demonstration/testing purposes and not recommended for regular production uses, particularly for more than a few hosts depending on local system resources. The OpenVAS scanner is resource intensive and may take a long time to start on slower systems, especially when run as a VM on laptops.***

    Essentially saying, be sure to give it enough RAM to run.



  • @BRRABill said in OpenVAS:

    @dafyre said in OpenVAS:

    The DEMO build is just an OVA that you can import into VMware / VirtualBox and be ready to go in a few minutes... Sadly, their image download seems to be overloaded... A whopping 14 kbit download for me... So I'm building from Ubuntu and going to try the OpenVAS9 PPA.

    Right.

    It's not a working appliance like Graylog, or XO.

    No, it is a fully working appliance... but I don't feel like waiting 3 days for it to download, lol.



  • @dafyre said

    No, it is a fully working appliance... but I don't feel like waiting 3 days for it to download, lol.

    I meant working in the sense of "production usable" ... it's more a proof of concept than a working appliance like XO or Graylog offerings.



  • @Veet I did, and I read it as well. Just curious if there was some kind of "paid" or source difference from what they have in the OVA.



  • @BRRABill said in OpenVAS:

    @dafyre said

    No, it is a fully working appliance... but I don't feel like waiting 3 days for it to download, lol.

    I meant working in the sense of "production usable" ... it's more a proof of concept than a working appliance like XO or Graylog offerings.

    It's quite usable for production -- that's what I ran when I used it in the past. You just can't gimp on the RAM. For production, I'd suggest 8GB or 16GB of RAM or more... Especially for anything more than a few hosts.



  • @dafyre said in OpenVAS:

    @BRRABill said in OpenVAS:

    @dafyre said

    No, it is a fully working appliance... but I don't feel like waiting 3 days for it to download, lol.

    I meant working in the sense of "production usable" ... it's more a proof of concept than a working appliance like XO or Graylog offerings.

    It's quite usable for production -- that's what I ran when I used it in the past. You just can't gimp on the RAM. For production, I'd suggest 8GB or 16GB of RAM or more... Especially for anything more than a few hosts.

    Oh, that's good to know.

    I admittedly struggled a bit with getting it installed from source. But that's probably just me.

    And by probably I mean definitely.



  • @BRRABill said in OpenVAS:

    @dafyre said in OpenVAS:

    @BRRABill said in OpenVAS:

    @dafyre said

    No, it is a fully working appliance... but I don't feel like waiting 3 days for it to download, lol.

    I meant working in the sense of "production usable" ... it's more a proof of concept than a working appliance like XO or Graylog offerings.

    It's quite usable for production -- that's what I ran when I used it in the past. You just can't gimp on the RAM. For production, I'd suggest 8GB or 16GB of RAM or more... Especially for anything more than a few hosts.

    Oh, that's good to know.

    I admittedly struggled a bit with getting it installed from source. But that's probably just me.

    And by probably I mean definitely.

    If you like Ubuntu, they have pre-compiled binaries and such from the PPA. Easy to set up.

    https://launchpad.net/~mrazavi/+archive/ubuntu/openvas

    I've got a scan going... I am trying the openvas9 beta.



  • Not that anyone cares, but I looked at my OpenVAS VM.........

    "Imported from OVA"

    I'm. A. Dope.



  • @BRRABill said in OpenVAS:

    Not that anyone cares, but I looked at my OpenVAS VM.........

    "Imported from OVA"

    I'm. A. Dope.

    No problem with that either. 🙂



  • @dafyre said in OpenVAS:

    @BRRABill said in OpenVAS:

    Not that anyone cares, but I looked at my OpenVAS VM.........

    "Imported from OVA"

    I'm. A. Dope.

    No problem with that either. 🙂

    I just mean that I thought I didn't use it. Duh.

    It WAS a few months ago!



  • @BRRABill said in OpenVAS:

    @dafyre said in OpenVAS:

    @BRRABill said in OpenVAS:

    Not that anyone cares, but I looked at my OpenVAS VM.........

    "Imported from OVA"

    I'm. A. Dope.

    No problem with that either. 🙂

    I just mean that I thought I didn't use it. Duh.

    It WAS a few months ago!

    You've slept a few times since then. 🙂



  • It got mentioned a year ago... but that's about it.

    https://mangolassi.it/topic/5507/it-infrastructure-health-checkup/23

    I've never used it.



  • @dafyre said in OpenVAS:

    @BRRABill said in OpenVAS:

    @dafyre said in OpenVAS:

    @BRRABill said in OpenVAS:

    Not that anyone cares, but I looked at my OpenVAS VM.........

    "Imported from OVA"

    I'm. A. Dope.

    No problem with that either. 🙂

    I just mean that I thought I didn't use it. Duh.

    It WAS a few months ago!

    You've slept a few times since then. 🙂

    I think alcohol is killing my brain cell

