Tracking down weak points in your intranet

Tasks and Targets

To use the software in a meaningful way, your first step should be to identify tasks and targets. A target can consist of a single computer system, or it can be made up of a complete LAN. If you don't make special requests for the security analysis, then you should simply enter the IP address of the target system or network address on the input line of the start window. The scan begins with a click on Start Scan .

To define separate tasks, you will need to designate target systems. This is done by selecting the entry Configuration | Targets in the menu line in the top part of the OpenVAS window. Some symbols will then appear in the center of the upper part of the window. One of these will be a blue star symbol, which when clicked, opens a dialog for you to enter detailed information about the target of your investigation. The software accepts both single IP and network addresses and also multiple IP addresses when these are entered into the Hosts field and separated by commas. In the Port List option, you should select which ports the software is supposed to scan. OpenVAS has all of the customary scenarios covered here. Additionally, you should enter the protocols in the Alive Test field that the tool should incorporate during a scan.

After completing the selection, you should save the target settings by clicking on the Create Target button at the lower right of the window. The next step is to define a task and the target where OpenVAS should carry out the task. Do this by opening the option dialog via Scan Management | Tasks and clicking again on the blue star. Next, you should set the intensity in the Scan Config field that OpenVAS should use to scan the target system. In the Scan Targets field, select one of the default or newly defined targets. A final click on Create Task saves the newly set up task (Figure 4).

Figure 4: You can generate a scan configuration tailored to your purposes with just a few mouse clicks.

To start a scan, go to the Actions column of the Scan Management | Tasks submenu. In the far right of the window, you will see that each line contains various symbols. One of these is an arrow set against a green background. Clicking on this arrow starts a scan. Clicking on Scan Management | Reports while the individual routines are running gives you first results. OpenVAS lists the results of the scan in a table arranged according to the corresponding routine. Weak points are tagged clearly with a colored bar in the Severity column (Figure 5). Note that this scan takes significant time for larger networks that require numerous scan routines. This places a definite load on the resources of the target systems. Therefore, you must avoid performing any work whatsoever on the relevant computer systems during a scan.

Figure 5: The highly informative Scan-Report in OpenVAS reveals some weak points in Microsoft Windows.

Fixing Weak Points

A yellow or red bar in the Severity column of single test routines indicates that there are significant weak points in the affected computer and that they need to be fixed. OpenVAS offers additional support here by both explaining the specific reason for a weak point it has identified and suggesting possible solutions.

To get the details of problematic configuration settings on the target system, go to the Scan Management | Reports menu and click on the list you want. A list window will open containing a Vulnerability column. This column contains scan results highlighted in red or yellow. Clicking on the scan results you select opens a detailed view that contains excellent information about the weak point identified and in the Solution area also a detailed recommendation for a solution (Figure 6).