Contents

Contents

• Imprint
• Contents
• Introduction
• About this Compendium
• About the OpenVAS Project
• About the OpenVAS Software
• Planning OpenVAS-based Network Auditing
• Consider Coverage of Available Vulnerability Tests
• Choose Location of Scan-Server
• Choose Type of Scan-Server
• Hardware
• Operating System
• Installing and Configuring OpenVAS-Server
• Installing Binary Packages
• Debian and Ubuntu
• Gentoo
• RPM-Based Distributions
• FreeBSD
• Compiling OpenVAS-Server from Source Packages
• Latest source code release
• Most current builds (directly from the source code management system)
• Configuring OpenVAS-Server
• Generating a Server Certificate
• Adding New Users
• Advanced Configuration
• Configuring NVT Feeds
• Prerequisites
• Performing a synchronization with an OpenVAS NVT Feed
• Available NVT Feed Services
• Automatically Updating an NVT Feed
• Managing NVT signatures
• What is a Signature?
• The Signature Format
• The Signature Verification Process
• How to Add a Certificate
• How to Set Trust
• How to Remove a Certificate
• Manual Signature Verification
• OpenVAS File Locations
• Executables for users (PREFIX/bin)
• Server configuration (PREFIX/etc/openvas)
• Compilation files (PREFIX/include/openvas)
• Libraries (PREFIX/lib)
• NVTs (PREFIX/lib/openvas/plugins)
• Executables for server (PREFIX/sbin)
• Manual pages for users (PREFIX/share/man)
• Manual pages for server (PREFIX/man)
• Server installation specific data (PREFIX/var/lib/openvas)
• Log files (PREFIX/var/log/openvas)
• Server process information (PREFIX/var/run)
• User data (HOME/)
• Installing and Configuring OpenVAS-Client
• Installing Binary Packages
• Debian and Ubuntu
• Gentoo
• RPM-Based Distributions
• Windows XP SP2
• FreeBSD
• Compiling OpenVAS-Client from Source Packages
• Latest source code release
• Most current state of development (directly from the source code management system)
• Using OpenVAS-Client
• The Main Window
• Tasks
• New
• Rename
• Remove
• Scopes
• Execute
• New
• Rename
• Remove
• Move to task
• Open
• Save As
• Reports
• Remove
• Import
• Export
• Print
• Authentication
• Host
• Port
• Login
• Password
• Authentication by Certificate:
• Trusted CA:
• Scan Options
• General
• Port range
• Consider unscanned ports as closed
• Number of hosts to test at the same time
• Number of checks to perform at the same time
• Path to CGIs
• Do a reverse lookup of the IP before testing it
• Optimize the test
• Safe checks
• Designate hosts by their MAC address
• Port Scanner
• Plugins
• Enable all
• Disable all
• Expand all
• Collapse all
• Enable dependencies at runtime
• Silent dependencies
• Filter
• Automatically enable new plugins
• Plugin information dialog
• Set plugin timeout
• Show dependencies
• Certificate information
• Credentials
• Target Selection
• Target(s)
• Read from file
• Perform a DNS Zone transfer
• Plugin Preferences
• Access Rules
• Knowledge Base
• Reports
• Report Page of OpenVAS-Client
• Report Formats
• Changing severities of reported issues
• OpenVAS-Client Preferences
• User Interface
• Auto expand tree elements
• Order by
• Connection to the OpenVAS server
• Automatically connect
• Protocol version
• Plugin Cache
• Cache plugin information when connecting
• Use plugin cache with reports
• Load plugin cache for scopes immediately
• Report
• Include plugin details in PDF
• Show script origin in report window
• External Links in HTML/PDF
• Installing SLAD using SLADinstaller
• Performing Local Security Checks
• Debian Local Security Checks
• Prerequisites
• Create users with the OpenVAS LSC Credentials Manager
• Creating users for local security checks without the OpenVAS LSC Credentials Manager
• Create users for local security checks on target sytems
• Configure the local security checks in OpenVAS-Client <= 2.0.1
• Configure the local security checks in OpenVAS-Client >= 2.0.2
• Windows Local Security Checks
• Preparing the OpenVAS Server
• Preparing the Microsoft Windows target
• Additional Note for Windows XP
• Executing the checks via OpenVAS-Client
• Using Integrated Tools
• Security Local Auditing Daemon (SLAD)
• How to use Security Local Auditing Daemon (SLAD) with OpenVAS
• SLAD plugins
• chkrootkit
• clamav
• john
• lsof
• tiger
• tripwire
• Snort
• LMSensors
• LogWatch
• TrapWatch
• Nikto
• Prerequisites
• Starting a Nikto scan
• Understanding Nikto results
• Ovaldi (OVAL support in OpenVAS)
• Developers Guide for Network Vulnerability Tests
• Basic Structure of NASL Scripts
• Basic NASL Syntax
• Comments
• Variables and Declarations
• Data Types
• Numbers and Strings
• Function Arguments
• Loops
• User-defined Functions
• Operators
• Operator Precedence
• NASL API Documentation
• Pre-defined Constants
• Built-In Functions
• Socket Manipulation
• Network Operations
• FTP Operations
• HTTP Operations
• Packet Manipulation
• Utilities
• String Manipulation
• Knowledge Base
• Plugin Description
• Report Functions
• Crypto Functions
• Miscellaneous Functions
• "Unsafe" Functions
• Functions from the NASL Library
• Knowledge Base
• Test and debugging procedures
• Testing a local vulnerability
• Testing a network vulnerability
• Writing SMBclient-based WLSC NASL Scripts
• smbclientavail()
• smbversion()
• smbgetfile(share, filename, tmp_filename)
• smbgetdir(share, dir, typ)
• GetPEFileVersion (tmp_filename, orig_filename)
• get_windir()
• Example
• Developers Guide for OpenVAS Server and Client
• The OpenVAS Source Code Map
• Source Code Branches for Stable and In-Development
• Code Quality and Code Security
• Management of OpenVAS Change Requests
• Submitting Patches
• Write-Access to Source Code Repository
• Maintaining ChangeLog
• Source Code Style Guide
• OpenVAS Transfer Protocol (OTP)
• Changes from NTP 1.2 to OTP 1.0
• Plug-in upload
• Version information
• New message types
• Detached scans
• Plugin order information
• Starting a scan
• Reporting preferences errors
• Protocol extensions
• General Aspects of OTP
• Protocol Initialization
• Protocol Commands
• ATTACHED_FILE
• Description:
• Syntax:
• BYE
• Description:
• Syntax:
• CERTIFICATES
• Description:
• Syntax:
• COMPLETE_LIST
• Description:
• Syntax:
• DEBUG
• Description:
• Syntax:
• ERROR
• Description:
• Syntax:
• FINISHED
• Description:
• Syntax:
• GO ON
• Description:
• Syntax:
• HOLE
• Description:
• Syntax:
• INFO
• Description:
• Syntax:
• LOG
• Description:
• Syntax:
• LONG_ATTACK
• Description:
• Syntax:
• NOTE
• Description:
• Syntax:
• OPENVAS_VERSION
• Description:
• Syntax:
• PLUGINS_DEPENDENCIES
• Description:
• Syntax:
• PLUGINS_MD5
• Description:
• Syntax:
• PLUGIN_INFO
• Description:
• Syntax:
• PLUGIN_LIST
• Description:
• Syntax:
• PORT
• Description:
• Syntax:
• PREFERENCES
• Description:
• Available preferences:
• Syntax:
• RULES
• Description:
• Syntax:
• SEND_PLUGINS_MD5
• Description:
• Syntax:
• SESSIONS_LIST
• Description:
• Syntax:
• SESSION_DELETE
• Description:
• Syntax:
• SESSION_RESTORE
• Description:
• Syntax:
• STATUS
• Description:
• Syntax:
• STOP_ATTACK
• Description:
• Syntax:
• STOP_WHOLE_TEST
• Description:
• Syntax:
• TIME
• Description:
• Syntax:
• Document License: CC by SA
• Footnotes

Contents