May 8, 2009

Vulnerability scanning with Fedora (OpenVAS)

 
First, what is OpenVAS? OpenVAS stands for Open Vulnerability Assessment System and is a network security scanner. Have you heard of OpenVAS? Have you heard of Nessus? Well, in short, OpenVAS is an open source fork of the closed source Nessus.
 
In the Fedora repos you will find the last non-proprietary version of Nessus (v 2.2.11), which is over three years old. Newer versions of Nessus (v3) are completely closed source and proprietary, so I hope Fedora soon drops Nessus and adds OpenVAS to the main repository.
 
The first hurdle in getting OpenVAS running on Fedora 10 is installing it, because there are currently no OpenVAS packages in the Fedora repos :(
 
You can go hardcore and compile it by hand, or take a somewhat milder route and use the atomic repository. After following the instructions on how to enable the atomic repository, just install the packages with yum:
su -
yum install openvas-client
yum install openvas-plugins
yum install openvas-server

 
After that you need to update the OpenVAS feeds:
openvas-nvt-sync
 
Create certificates:
openvas-mkcert
 
Create an OpenVAS user:
openvas-adduser
 
Now you can start the OpenVAS server:
openvasd
 
Now you can start OpenVAS-Client in another console window:
OpenVAS-Client
 
Once you have the server and client running, just click the connect button in OpenVAS-Client and enter the username and password that you used when you created the OpenVAS user.
 
Happy scanning!
 

Links:

  • OpenVAS

  • Fedora Atomic repository for OpenVAS