May 8, 2009

Volunerability scanning with Fedora (OpenVAS)

First what is OpenVAS? OpenVAS stands for Open Vulnerability Assessment System and is a network security scanner. Have you heard of OpenVAS? Have you heard of Nessus? Well in short OpenVAS is open source fork of closed source Nessus.
In Fedora repos you will find last non-priprietary version of Nessus (v 2.2.11) that is over three years old. Newer versions of Nessus (v3) are completely closed source and proprietary so I hope Fedora soon drops Nessus and adds OpenVAS in main repository.
First hurdle was to get OpenVAS running on Fedora 10 is to install it because there are no OpenVAS packages in Fedora repos currently :(
You can go hardcore and compile it by hand or a bit milder way using atomic repository. After following instructions on how to enable atomic repository just do these yum install it:
su -
yum install openvas-client.
yum install openvas-plugins
yum install openvas-server

After that you need to update OpenVAS feeds:
Create certificates:
create OpenVAS user
Now you can start OpenVAS server:
Now you can start OpenVAS-Client in other console window:
And when that you have server and client running just click on connect button in OpenVAS-Client and enter username and password that you used when you created OpenVAS user.
Happy scanning!


  • OpenVAS

  • Fedora Atomic repository for OpenVAS