This test case tests the ability of OpenVAS to scan a host or network for vulnerabilities.
- A remote host with various network services (SSH, HTTP, DNS, SMTP ...) is required. For example: a Linux server with OpenSSH, Apache HTTPd, ISC BIND, Postfix or Sendmail.
- Open ports of the scanned services in the remote host firewall.
- Ensure that
packages are installed.
How to test
- Start OpenVAS scanner:
- Create a new certificate:
- Add a OpenVAS user:
- Update the NVTs:
- Restart OpenVAS scanner (take a while for the first time):
- Test that the OpenVAS scanner process openvassd is running:
- Test that the OpenVAS scanner listens on configured port:
sudo lsof -i -nP
- Connect using the gnutls client to scanner port:
gnutls-cli --insecure -p 9391 127.0.0.1. Start the communication with < OTP/1.0 >. Try to login with the user created above.
- Start OpenVAS client:
openvas-client(or System Tools > OpenVAS Client)
- Connect to OpenVAS server with the user created above.
- Create a new scan using the client and wait until it finishes.
- Export the report to HTML or PDF.
- The scan should finish correctly.
- In the report, you should see the network services being scanned and vulnerabilities reported.