
Untitled

a guest
Sep 21st, 2017
Part 2: Conducting a Vulnerability Scan with OpenVAS

Note: OpenVAS, and similar tools, perform vulnerability assessment of Unix, Windows, and network infrastructures and can perform a network discovery of devices, operating systems, applications, databases, and services running on those devices. These tools are typically used to complete the scanning and vulnerability assessment phase of the ethical hacking process once the network mapping scan (that you conducted in Part 1 of this lab) is completed. Conducting a vulnerability scan on entire subnets can be noisy (and therefore easily detected) and time-consuming. You can limit the breadth and scope of the scan by specifying the hosts you want to scan in a simple text file.

Right-click the vWorkstation desktop and select New > Text Document from the context menu.
Figure 12 Creating the New Text Document

With New Text Document highlighted, type targets and press Enter to rename the new file.
Double-click the targets.txt icon to open the file in the text editor.
In the Notepad window, type the IP addresses discovered by Zenmap. Each IP address should appear on its own line, as shown in the following figure.
Figure 13 Targets.txt file

Click File > Exit, and click Save when prompted to close the text file.
Double-click the OpenVAS icon on the vWorkstation desktop to connect to a remote OpenVAS security scanner.
OpenVAS requires several minutes to initialize. The Internet Explorer window will display a progress bar during this phase.

At the Certificate Error warning, click Continue to this website (not recommended) to continue.
When prompted, type the following credentials and click Login to open the application.
· Username: openvasadmin

· Password: pass

If prompted to save your password, click Not for this site to continue.
Figure 14 OpenVAS’s Greenbone Security Assistant

Note: OpenVAS is the scanning engine, but the Greenbone Security Assistant is the Web interface. This interface allows users to quickly scan and analyze their network. In the center of the screen, the assistant points to the Quick start area of the screen. You could type an IP address directly in the box and press Start Scan with no further configuration to create a simple scan of any machine. In the next steps, you will be scanning several IP addresses, the hosts identified by Zenmap, so you will need to configure a report to scan several IP addresses at once.

Select Configuration > Targets from the Greenbone Security Assistant menu to open the Targets page.
Figure 15 Selecting a target

Click the blue star icon in the Targets header to create a new target.
Figure 16 Create a New Target button

In the Name box, type 172.30.0.0, the subnet for this network.
In the Hosts section, click the From file radio button and click Browse.
In the Choose File to Upload window, double-click the targets.txt file to specify the target.
Figure 17 Create an OpenVAS target

Click Create Target to save the target information.
If prompted to use AutoComplete to remember web form entries, click No.
Select Scan Management > New Task from the Greenbone Security Assistant menu.
In the Name box, type Scan 172.30.0.0.
Click the Create Task button to accept the remaining default selections.
Figure 18 Create a new task

If prompted to use AutoComplete to remember web form entries, click No.
The Scan 172.30.0.0 task now appears in the Tasks table on the Greenbone Security Assistant home page.

Click the Start Task button (the green arrow in the Actions column of the table) to begin.
When the scan is completed, the green New button in the Status column of the table will change to a blue Done button. The scan can take as much as 20 minutes to complete. You can manually refresh the page during this time, or set the page to automatically refresh.

Figure 19 Start Task button

In the Tasks header, select Refresh every 10 Sec from the first drop-down menu and click the Set button (green refresh arrows button) to its right.
Figure 20 Auto-refresh the screen

When the blue Done button appears, click Scan 172.30.0.0 in the Name column of the table to open the scan results.
The Task Details appear at the top of the page followed by the Reports section.

Use the scrollbar to locate the Report section of the page and review the results of the full report. The report has identified several high, medium, and low vulnerabilities.
Click the Details icon (small purple magnifying glass icon) in the Actions column.
Figure 21 Details icon

Click the first Download icon (green down arrow) in the Report Summary section to download the Full Report in a PDF format.
Figure 22 Download icon

When prompted, click the down arrow on the Save button and select Save as from the context menu.
Figure 23 Saving the Vulnerability Scan

In the Save As dialog box, navigate to the Security_Strategies folder (Local Disk (C:) > Security_Strategies), name the report yourname_VulnerabilityScan.pdf, replacing yourname with your own name, and click Save.
When prompted to open the PDF file you just saved, close the IE Download Manager.
Close the Greenbone Security Assistant window.
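
Added example (not part of the original lab text): a pre-upload check for the targets.txt file described above, which accepts only single in-scope IPv4 addresses so that a stray CIDR block, hostname or typo cannot widen the scan. The /24 prefix, the function name check_targets and the sample file contents are assumptions made for illustration; the lab names the subnet 172.30.0.0 but not its prefix length.

```python
import ipaddress

# Assumption: the lab subnet 172.30.0.0 is a /24. The page names the subnet
# but not its prefix length, so set this to the scope you are authorized for.
AUTHORIZED_SCOPE = ipaddress.ip_network("172.30.0.0/24")

# Constructed sample of a targets.txt (not taken from the lab).
SAMPLE_TARGETS = """\
172.30.0.1
172.30.0.10

172.30.0.10
172.30.0.0/24
172.30.1.15
fileserver01
172.30.0.300
"""

def check_targets(text, scope=AUTHORIZED_SCOPE):
    """Return (accepted, rejected); rejected holds (line_no, entry, reason)."""
    accepted, rejected, seen = [], [], set()
    for lineno, raw in enumerate(text.splitlines(), start=1):
        entry = raw.strip()
        if not entry:
            continue  # blank lines are harmless
        try:
            addr = ipaddress.IPv4Address(entry)
        except ipaddress.AddressValueError:
            # CIDR blocks, ranges, hostnames and malformed octets land here
            rejected.append((lineno, entry, "not a single IPv4 address"))
            continue
        if addr not in scope:
            rejected.append((lineno, entry, "outside authorized scope"))
        elif addr in (scope.network_address, scope.broadcast_address):
            rejected.append((lineno, entry, "network/broadcast address"))
        elif addr in seen:
            rejected.append((lineno, entry, "duplicate"))
        else:
            seen.add(addr)
            accepted.append(str(addr))
    return accepted, rejected

if __name__ == "__main__":
    ok, bad = check_targets(SAMPLE_TARGETS)
    print("scan these:", ok)
    for lineno, entry, reason in bad:
        print(f"line {lineno}: {entry!r} rejected ({reason})")
```

Run it against the real file by passing the contents of targets.txt to check_targets and resolving every rejected line before the file is uploaded as the target's host list.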