QA:Testcase OpenVAS
From FedoraProject
(Difference between revisions)
(categorize correctly) |
(Mark it outdated) |
||
| Line 1: | Line 1: | ||
| + | {{Admon/warning | This test case could be outdated because newer versions of OpenVAS has new services around OpenVAS Scanner (OpenVAS Manager, OpenVAS Administrator, Greenbone Security Assistant) }} | ||
{{QA/Test_Case | {{QA/Test_Case | ||
|description=This test case tests the ability of OpenVAS to scan a host or network for vulnerabilities. | |description=This test case tests the ability of OpenVAS to scan a host or network for vulnerabilities. | ||
Revision as of 15:58, 7 January 2012
.png){kind=small}
This test case could be outdated because newer versions of OpenVAS has new services around OpenVAS Scanner (OpenVAS Manager, OpenVAS Administrator, Greenbone Security Assistant)
Contents |
Description
This test case tests the ability of OpenVAS to scan a host or network for vulnerabilities.
Setup
- A remote host with various network services (SSH, HTTP, DNS, SMTP ...) is required. For example: a Linux server with OpenSSH, Apache HTTPd, ISC BIND, Postfix or Sendmail.
- Open ports of the scanned services in the remote host firewall.
- Ensure that
openvas-scanner
How to test
- Start OpenVAS scanner:
/etc/init.d/openvas-scanner start - Create a new certificate:
openvas-mkcert - Add a OpenVAS user:
openvas-adduser - Update the NVTs:
openvas-nvt-sync - Restart OpenVAS scanner (take a while for the first time):
/etc/init.d/openvas-scanner restart - Start OpenVAS client:
openvas-client(or System Tools > OpenVAS Client) - Connect to OpenVAS server with the user created above.
- Create a new scan using the client and wait until it finishes.
- Export the report to HTML or PDF.
Expected Results
- The scan should finish correctly.
- In the report, you should see the network services being scanned and vulnerabilities reported.
