OpenVAS

Last updated

OpenVAS
Developer(s) Greenbone Networks GmbH
Stable release
22.7.9 [1] OOjs UI icon edit-ltr-progressive.svg / 30 November 2023;2 months ago (30 November 2023)
Repository
Written in C
Operating system Cross-platform
Type Vulnerability scanner
License GPL
Website www.openvas.org OOjs UI icon edit-ltr-progressive.svg

OpenVAS (Open Vulnerability Assessment Scanner, originally known as GNessUs) is the scanner component of Greenbone Vulnerability Management (GVM), a software framework of several services and tools offering vulnerability scanning and vulnerability management. [2]

Contents

All Greenbone Vulnerability Management products are free software, and most components are licensed under the GNU General Public License (GPL). Plugins for Greenbone Vulnerability Management are written in the Nessus Attack Scripting Language, NASL.

History

Greenbone Vulnerability Manager began under the name of OpenVAS, and before that the name GNessUs, as a fork of the previously open source Nessus scanning tool, after its developers Tenable Network Security changed it to a proprietary (closed source) license in October 2005. [3] OpenVAS was originally proposed by pentesters at SecuritySpace, [4] discussed with pentesters at Portcullis Computer Security [5] and then announced [6] by Tim Brown on Slashdot.

Greenbone Vulnerability Manager is a member project of Software in the Public Interest. [7]

Structure

The OpenVAS 8 Structure OpenVAS-7-Structure.png
The OpenVAS 8 Structure

There is a daily updated feed of Network Vulnerability Tests (NVTs). As of January 2019, there were over 50,000 NVTs. [8]

Documentation

The OpenVAS protocol structure aims to be well-documented to assist developers. The OpenVAS Compendium is a publication of the OpenVAS Project that delivers documentation on OpenVAS.

See also

Related Research Articles

SourceForge is a web service that offers software consumers a centralized online location to control and manage open-source software projects and research business software. It provides source code repository hosting, bug tracking, mirroring of downloads for load balancing, a wiki for documentation, developer and user mailing lists, user-support forums, user-written reviews and ratings, a news bulletin, micro-blog for publishing project updates, and other features.

A vulnerability scanner is a computer program designed to assess computers, networks or applications for known weaknesses. These scanners are used to discover the weaknesses of a given system. They are utilized in the identification and detection of vulnerabilities arising from mis-configurations or flawed programming within a network-based asset such as a firewall, router, web server, application server, etc. Modern vulnerability scanners allow for both authenticated and unauthenticated scans. Modern scanners are typically available as SaaS ; provided over the internet and delivered as a web application. The modern vulnerability scanner often has the ability to customize vulnerability reports as well as the installed software, open ports, certificates and other host information that can be queried as part of its workflow.

<span class="mw-page-title-main">Nmap</span> Network scanner

Nmap is a network scanner created by Gordon Lyon. Nmap is used to discover hosts and services on a computer network by sending packets and analyzing the responses.

<span class="mw-page-title-main">OpenSSL</span> Open-source implementation of the SSL and TLS protocols

OpenSSL is a software library for applications that provide secure communications over computer networks against eavesdropping, and identify the party at the other end. It is widely used by Internet servers, including the majority of HTTPS websites.

Nessus is a proprietary vulnerability scanner developed by Tenable, Inc.

A white hat is an ethical security hacker. Ethical hacking is a term meant to imply a broader category than just penetration testing. Under the owner's consent, white-hat hackers aim to identify any vulnerabilities or security issues the current system has. The white hat is contrasted with the black hat, a malicious hacker; this definitional dichotomy comes from Western films, where heroic and antagonistic cowboys might traditionally wear a white and a black hat, respectively. There is a third kind of hacker known as a grey hat who hacks with good intentions but at times without permission.

A source-code-hosting facility is a file archive and web hosting facility for source code of software, documentation, web pages, and other works, accessible either publicly or privately. They are often used by open-source software projects and other multi-developer projects to maintain revision and version history, or version control. Many repositories provide a bug tracking system, and offer release management, mailing lists, and wiki-based project documentation. Software authors generally retain their copyright when software is posted to a code hosting facilities.

Security Administrator Tool for Analyzing Networks (SATAN) was a free software vulnerability scanner for analyzing networked computers. SATAN captured the attention of a broad technical audience, appearing in PC Magazine and drawing threats from the United States Department of Justice. It featured a web interface, complete with forms to enter targets, tables to display results, and context-sensitive tutorials that appeared when a vulnerability had been found.

<span class="mw-page-title-main">Metasploit</span> Computer security testing tool

The Metasploit Project is a computer security project that provides information about security vulnerabilities and aids in penetration testing and IDS signature development. It is owned by Boston, Massachusetts-based security company Rapid7.

On computer networks, a service scan identifies the available network services by attempting to initiate many sessions to different applications with each device in a target group of devices. This is done by sending session initiation packets for many different applications to open ports on all of the devices specified in the target group of devices. This scan is done across a wide range of TCP, UDP. A service scanner will identify each device it finds along with the services that it finds on the ports that it scans.

SAINT is computer software used for scanning computer networks for security vulnerabilities, and exploiting found vulnerabilities.

In FOSS development communities, a forge is a web-based collaborative software platform for both developing and sharing computer applications.

Lynis is an extensible security audit tool for computer systems running Linux, FreeBSD, macOS, OpenBSD, Solaris, and other Unix derivatives. It assists system administrators and security professionals with scanning a system and its security defenses, with the final goal being system hardening.

Network enumeration is a computing activity in which usernames and info on groups, shares, and services of networked computers are retrieved. It should not be confused with network mapping, which only retrieves information about which servers are connected to a specific network and what operating system runs on them. Network enumeration is the discovery of hosts or devices on a network. Network enumeration tends to use overt discovery protocols such as ICMP and SNMP to gather information. It may also scan various ports on remote hosts for looking for well known services in an attempt to further identify the function of a remote host. The next stage of enumeration is to fingerprint the operating system of the remote host.

<span class="mw-page-title-main">OpenSSH</span> Set of computer programs providing encrypted communication sessions

OpenSSH is a suite of secure networking utilities based on the Secure Shell (SSH) protocol, which provides a secure channel over an unsecured network in a client–server architecture.

<span class="mw-page-title-main">Heartbleed</span> Security bug in OpenSSL

Heartbleed is a security bug in some outdated versions of the OpenSSL cryptography library, which is a widely used implementation of the Transport Layer Security (TLS) protocol. It was introduced into the software in 2012 and publicly disclosed in April 2014. Heartbleed could be exploited regardless of whether the vulnerable OpenSSL instance is running as a TLS server or client. It resulted from improper input validation in the implementation of the TLS heartbeat extension. Thus, the bug's name derived from heartbeat. The vulnerability was classified as a buffer over-read, a situation where more data can be read than should be allowed.

<span class="mw-page-title-main">Briar (software)</span> Mesh-networking and messaging app

Briar is an open-source software communication technology, intended to provide secure and resilient peer-to-peer communications with no centralized servers and minimal reliance on external infrastructure. Messages can be transmitted through Bluetooth, Wi-Fi, over the internet via Tor or removable storage, such as USB sticks. All communication is end-to-end encrypted. Relevant content is stored in encrypted form on participating devices. Long-term plans for the project include support for distributed applications such as crisis mapping and collaborative document editing.

The Nessus Attack Scripting Language, usually referred to as NASL, is a scripting language that is used by vulnerability scanners like Nessus and OpenVAS. With NASL specific attacks can be automated, based on known vulnerabilities.

ZMap is a free and open-source security scanner that was developed as a faster alternative to Nmap. ZMap was designed for information security research and can be used for both white hat and black hat purposes. The tool is able to discover vulnerabilities and their impact, and detect affected IoT devices.

This is a list of cybersecurity information technology. Cybersecurity is security as it is applied to information technology. This includes all technology that stores, manipulates, or moves data, such as computers, data networks, and all devices connected to or included in networks, such as routers and switches. All information technology devices and facilities need to be secured against intrusion, unauthorized use, and vandalism. Additionally, the users of information technology should be protected from theft of assets, extortion, identity theft, loss of privacy and confidentiality of personal information, malicious mischief, damage to equipment, business process compromise, and the general activity of cybercriminals. The public should be protected against acts of cyberterrorism, such as the compromise or loss of the electric power grid.

References

  1. "Release 22.7.9". 30 November 2023. Retrieved 19 December 2023.
  2. "GMV tools - Glossary". Greenbone Networks GmbH. 22 March 2023. Retrieved 9 October 2023.
  3. LeMay, Renai (6 October 2005). "Nessus security tool closes its source". CNet.
  4. "SecuritySpace". www.securityspace.com.
  5. "Portcullis Labs". labs.portcullis.co.uk. Retrieved 22 September 2023.
  6. "Nessus Closes Source". Slashdot. 7 October 2005. Retrieved 9 October 2023.
  7. "[Openvas-discuss] Log from SPI board meeting". lists.wald.intevation.org. 7 July 2007. Archived from the original on 24 October 2010.
  8. "About Greenbone Community Feed (GCF)". Greenbone Community Forum. 10 January 2019. Retrieved 9 October 2023.
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.