OpenVAS 續探(一)

Hello!!! 大家好 ~

今天要來談一談 OpenVAS 的使用方法。
相信大家經過上節的說明，已經都裝好 OpenVAS 在你的測試主機。以下的圖是要介紹接下來的內容 "圖解"：

我們直接切入正題，一般我們開始使用 OpenVAS 弱點掃描時，需要做二個主要的設定。一個是設定被掃描主機 (Target)，另一個是設定任務 (Task)。這一節我們就設定 Target 主機開始說明：

Step 1: Link to your OpenVAS then in main page point to "Configuration" in menu bar.

Step 2: Check the scroll down menu bar then click "Targets" will see the page like below.

Step 3: Click the "Star Button" to create a new target.

Step 4: After clicked the star button will see the page like below.

Step 5: Naming your Target machine for New Target.

Step 6: For "Hosts" select "Manual" then fill in your target IP. (ex. 192.168.2.86)

Tips: For option "From file" that can let you fill in more targets IP in a file. 

Step 7: For "Exclude Hosts" means which target IP doesn't want to scan in the list.

Step 8: If "Reverse Lookup" option is set, the OpenVAS server will do a reverse lookup on the IP addresses before it tests them. This may slow down the whole test.

Step 9: Select "Port List" as "OpenVAS Default".

Tips: For "Port List" option select scroll down menu choose which port list want to be scan. Also can add a new "Port List" at Configuration | Port Lists | New Port List 

Step 10: If need to provide the certificated for SSH & SMB optional.

Step 11: For "Alive Test" set as "Scan Config Default"

Tips: For "Alive Test" option can select which method to test the target is alive. 

Step 12: After click "Create Target" button will see the new target has been created as below.

恭喜你!!!
當看到如上圖的畫面，就是表示你已經設定好一台被掃描的 Target。接下來，下一節將介紹如何設定一個掃描任務。

~ See you ~

參考出處：
http://www.openvas.org/