📖 WIPIVERSE

🔍 Currently registered entries: 46,703건

OpenVAS

OpenVAS (Open Vulnerability Assessment System) is a comprehensive vulnerability scanner and vulnerability management system. It serves as a software framework comprising several services and tools that together provide a robust vulnerability scanning and management solution.

Key Features and Components:

  • Scanner: OpenVAS employs a network vulnerability test (NVT) feed, a continuously updated database of vulnerability tests, to identify security weaknesses in systems and applications. This feed includes tests for a wide range of vulnerabilities, including known exploits, configuration errors, and potentially harmful default settings.

  • Manager: The OpenVAS manager is the central control point for scans. It schedules scans, manages target systems, stores scan results, and provides reporting capabilities. The manager orchestrates the interaction between the scanner and the database.

  • Greenbone Security Assistant (GSA): This is the web-based user interface that allows users to interact with the OpenVAS system. Through the GSA, users can configure scans, view reports, and manage scan targets.

  • OpenVAS CLI: A command-line interface (CLI) that allows users to interact with the OpenVAS system for scripting, automation, and integration with other tools.

  • NVT Feed: The NVT feed is continuously updated with the latest vulnerability tests, ensuring that OpenVAS can detect newly discovered vulnerabilities. The feed is often provided by Greenbone Networks (formerly known as OpenVAS GmbH).

Functionality:

OpenVAS functions by performing network-based vulnerability scans. It probes target systems for open ports, services, and known vulnerabilities. It can perform both unauthenticated and authenticated scans. Authenticated scans require credentials to log into the target system, which allows OpenVAS to perform more thorough checks, including examining configuration files and installed software versions.

Uses:

OpenVAS is used by security professionals, system administrators, and penetration testers to:

  • Identify vulnerabilities in networks and systems.
  • Prioritize remediation efforts based on the severity of the identified vulnerabilities.
  • Track vulnerability remediation progress.
  • Comply with security regulations and standards.
  • Automate vulnerability scanning processes.

Relationship to Nessus:

OpenVAS originated as a fork of the Nessus vulnerability scanner when Nessus transitioned to a proprietary license. While sharing a common ancestor, OpenVAS has evolved independently, developing its own features, vulnerability test feed, and user interface.

Licensing:

OpenVAS is primarily licensed under the GNU General Public License (GPL), making it an open-source project. Some commercial services and support are available from Greenbone Networks.

© 2024 WIPIVERSE