今天是農曆年後上班的第1天,不免俗的先跟大家說聲 "新年快樂"!
希望這個新的一年大家都有不錯的發展。
接下來,我們就接著之前 OpenVAS 的弱點掃描和分析做個說明:
Step 1: Last time we manually to crated a new target and new task. Today show the easy way to do the target scan. First, we open a browser and enter OpenVAS server IP (ex. 192.168.2.69:9392) then log in username as admin and password.
Step 2: Enter a target IP in red then click "Start Scan" in yellow as below.
Step 3: The task in "Requested" then under processing until finish.
Step 4: Check report after finish the scanning.
Scan Management | Reports
Step 5: Result shows 1 low and 2 medium issues then click "Date" in red as below for more details.
Step 6: After click shows more details. (ex. SSL weak on Medium case and TCP timestamps in Low case)
Step 7: After click "Check for SSL Weak Ciphers" shows "Summary", "Solution" and "Vulnerability Insight" for more details. Then may reconfigure the setting to solve this issue.
Step 8: Click others for rest details show as below. Check "Solution" to follow the instruction to solve those issues.
介紹到這邊,相信大家對於 OpenVAS 都已經有了基本的認識和分析能力。如果以後有遇到 OpenVAS 的問題,也歡迎大家提出來討論。
~ See you ~
參考出處:
沒有留言:
張貼留言