OpenVAS 9 released
OpenVAS (Open Vulnerability Assessment System, Open Source Vulnerability Assessment System, originally called GNessUs) is a framework consisting of several services and utilities that allows you to scan hosts for vulnerabilities and manage vulnerabilities.
The OpenVAS project, under the name GNessUs, began as a fork of the Nessus open source vulnerability scanner, developed by Tenable Network Security, after the company decided in October 2005 to close the source code of the application and make it proprietary. All OpenVAS products are open source and are licensed under the GPL. Between the previous (8) and current (9) releases, about 2 years have passed.
OpenVAS is an open source scanner and vulnerability management tool. It is designed for active monitoring of network nodes to identify security-related problems, assess the criticality of these problems and control their elimination. Active monitoring means that OpenVAS performs some actions with the host: scans open ports, sends specially formed packets to simulate an attack, or even logs on to the host, accesses the management console, and executes commands on it. In simple words - OpenVAS allows you to identify problem nodes with non-updated software or insecurely configured.
OpenVAS is based on a collection of NVT (Network Vulnerability Tests) security tests (in the new version - about 50,000, unlike the old - about 30,000), which reveal the vulnerability. The description of known problems is then checked against the CVE and OpenSCAP (Security Content Automation Protocol) automated vulnerability management databases. OpenSCAP itself (open-scap.org) supports several specifications: XCCDF, OVAL, ARF, CCE, CVSS, and CVE.
OpenVAS version 9 introduces a new web-based interface for scanning and vulnerability management in the form of panels with advanced features for ease of use. This allows for better analysis of scan results and vulnerability management. The new interface has become more entrepreneurial, unlike the previous version, which did not differ in grace.
The most notable new functionality is resource management, which adds a new view of scan results for hosts and operating systems. This allows you to more quickly manage vulnerability management workflows. The scanning process has been transferred to a multi-scanner architecture.
Greenbone is developing OpenVAS as the basis for its Greenbone Security Manager product line for professional devices. Previously, Greenbone did not promote the commercial version of OpenVAS, and many OpenVAS users are unaware of this. With the new release, GSM Community Edition (GCE) appears, which requires a key to use. On the one hand, this is a sensible step for the development of the project, on the other hand, it can strongly separate versions in the future, as was the case with other security products.
OpenVAS is included in popular penetration testing distributions (such as Kali Linux), and is deployed in * nix systems. The most convenient mode of use is a virtual appliance that contains everything you need. Note: after installation, it takes some time for OpenVAS to update the NVT database in the background.
Minimum requirements: 2 CPU, 2 GB RAM, 9 GB HDD.
Compatibility: VirtualBox, ESXi, Hyper-V.
Vulnerability scanning is an important phase of penetration testing. An up-to-date vulnerability scanner can play an important role and help detect previously missing vulnerable elements. Using a tool such as OpenVAS allows you to identify incorrectly configured hosts, non-updated software versions and helps IT / IB department technicians make their infrastructure safer.