LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 06-19-2012, 07:54 AM   #1
turiyain
Member
 
Registered: Dec 2006
Location: Delhi, India
Distribution: Centos 5.8, 6.5 Linux Mint 13 & 16, OpenSuse 12
Posts: 108

Rep: Reputation: 16
Scan a website with OpenVAS?


Dear Experts,


I have a working Back Track 5 RC2 system. My OpenVAS is working fine.
I am able to scan remote host. But this is not my requirement. I have to scan a web site for vulnerability.

Kindly guide me.

Thanks in advance.

VJ++
 
Old 06-19-2012, 11:05 AM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,331
Blog Entries: 55

Rep: Reputation: 3531Reputation: 3531Reputation: 3531Reputation: 3531Reputation: 3531Reputation: 3531Reputation: 3531Reputation: 3531Reputation: 3531Reputation: 3531Reputation: 3531
Quote:
Originally Posted by turiyain View Post
I have to scan a web site for vulnerability.
Be aware Laws may require you to obtain authorization prior to scanning remote addresses. Also be aware sustained, active probing for vulnerabilities may have an adverse effect on the site slash host. Informing the client, and in some cases the provider, may be prudent. As to your question check out which plugins OpenVAS provides and what their purpose is. Should be at least two you could use.
 
Old 06-20-2012, 12:35 AM   #3
turiyain
Member
 
Registered: Dec 2006
Location: Delhi, India
Distribution: Centos 5.8, 6.5 Linux Mint 13 & 16, OpenSuse 12
Posts: 108

Original Poster
Rep: Reputation: 16
Quote:
Originally Posted by unSpawn View Post
Be aware Laws may require you to obtain authorization prior to scanning remote addresses. Also be aware sustained, active probing for vulnerabilities may have an adverse effect on the site slash host. Informing the client, and in some cases the provider, may be prudent. As to your question check out which plugins OpenVAS provides and what their purpose is. Should be at least two you could use.
Thanks for the reply. This is our official web site to be scanned for vulnerabilities. I am not getting the way, that where can i give url of the web site for scanning.


Regards

VJ++ Byte code

Last edited by turiyain; 06-20-2012 at 12:37 AM.
 
Old 06-20-2012, 01:39 AM   #4
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,331
Blog Entries: 55

Rep: Reputation: 3531Reputation: 3531Reputation: 3531Reputation: 3531Reputation: 3531Reputation: 3531Reputation: 3531Reputation: 3531Reputation: 3531Reputation: 3531Reputation: 3531
Quote:
Originally Posted by turiyain View Post
I am not getting the way, that where can i give url of the web site for scanning.
I'm sorry but you should not give the address of the site to anyone for the reasons I stated before.
 
Old 06-20-2012, 04:07 PM   #5
J0hnny_b14z3r
LQ Newbie
 
Registered: Jun 2012
Posts: 2

Rep: Reputation: Disabled
Once you have your OpenVAS server setup and your client is connected create a new task (Task > New) then create the scope (Scope > New) within that task.. Once you have your scope setup there will be multiple options on the right window, one of which is target selection. Enter your sites IP or FQDN there.. figure out which plugins you want to use and your desired options then execute the scan (Scope > Execute)... Hope that helps!
 
Old 06-21-2012, 01:02 AM   #6
turiyain
Member
 
Registered: Dec 2006
Location: Delhi, India
Distribution: Centos 5.8, 6.5 Linux Mint 13 & 16, OpenSuse 12
Posts: 108

Original Poster
Rep: Reputation: 16
Quote:
Originally Posted by J0hnny_b14z3r View Post
Once you have your OpenVAS server setup and your client is connected create a new task (Task > New) then create the scope (Scope > New) within that task.. Once you have your scope setup there will be multiple options on the right window, one of which is target selection. Enter your sites IP or FQDN there.. figure out which plugins you want to use and your desired options then execute the scan (Scope > Execute)... Hope that helps!
Thanks for the answer to my question. If i want to scan a url (web site - Authenticated Access)then what will be the way.

Regards,


VJ++ Byte Code
 
Old 06-21-2012, 02:25 AM   #7
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,331
Blog Entries: 55

Rep: Reputation: 3531Reputation: 3531Reputation: 3531Reputation: 3531Reputation: 3531Reputation: 3531Reputation: 3531Reputation: 3531Reputation: 3531Reputation: 3531Reputation: 3531
Ah, so you're new to OpenVAS and looking for simple instructions. Well, it comes with documentation to read and this thread therefore isn't related to Linux Security at all.
Moving to the Newbie forum.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
openvas-scanner szboardstretcher Linux - Software 3 08-10-2011 01:11 PM
src2pkg and openvas 4 libraries rpedrica Slackware 1 06-28-2011 04:34 PM
OpenVas j0eh4x Linux - Software 1 02-16-2011 02:17 AM
Openvas client Fedora 13 michaelux Linux - Software 1 06-10-2010 05:11 PM
Openvas-manager & openvas-cli Minky Linux - Software 1 04-26-2010 07:59 AM


All times are GMT -5. The time now is 08:26 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration