Scribd
Upload
16 views5 pages

Week 4

The document outlines a lab plan for detecting vulnerabilities using OpenVAS, including objectives, prerequisites, and safety notes. It details tasks such as installing OpenVAS, running a localhost scan, analyzing vulnerability reports, and generating custom reports. The expected outcomes include students learning to set up OpenVAS, interpret scan results, and create actionable insights from vulnerability data.

Uploaded by

Ashutosh Chaudhary
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
16 views5 pages

Week 4

The document outlines a lab plan for detecting vulnerabilities using OpenVAS, including objectives, prerequisites, and safety notes. It details tasks such as installing OpenVAS, running a localhost scan, analyzing vulnerability reports, and generating custom reports. The expected outcomes include students learning to set up OpenVAS, interpret scan results, and create actionable insights from vulnerability data.

Uploaded by

Ashutosh Chaudhary
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 5

Lab 4: Detecting Vulnerabilities with OpenVAS

Duration: 2 hours
The detailed plan for Week 3 Lab on Detecting Vulnerabilities with OpenVAS, including
tasks, instructions, and expected outcomes:
Instructions
1. Objective:
1.1. Introduce students to vulnerability scanning using OpenVAS.
1.2. Perform a vulnerability scan on a virtual machine (VM) or localhost and analyze the
results.
2. Prerequisites:
2.1. Linux system (Ubuntu/Kali) or virtual machine installed.
2.2. Internet access to install OpenVAS.
2.3. Basic understanding of terminal commands.
3. Safety Note:
3.1. Use OpenVAS on a test VM or localhost only. Do not scan unauthorized networks
or systems.
Lab Tasks
Task 1: Install and Set Up OpenVAS
1. Steps:
1.1. Update your system and install OpenVAS.
2. sudo apt update && sudo apt upgrade -y
3. sudo apt install openvas -y

now follow the steps

Steps:
Update your system and install OpenVAS.
sudo apt update
sudo apt install -y openvas

4. Set up OpenVAS and configure services.


5. sudo gvm-setup
6. sudo gvm-start
6.1. Verify the status of the OpenVAS services.
7. sudo gvm-check-setup
8. Expected Outcome:
8.1. OpenVAS installed and operational with no errors.
Task 2: Run a Localhost Scan
1. Steps:
1.1. Access the OpenVAS web interface (default URL: https://127.0.0.1:9392).
1.2. Log in using the credentials generated during setup.
1.3. Create a new task:
1.3.1. Navigate to Tasks > New Task.
1.3.2. Set the target as 127.0.0.1.
1.3.3. Choose a scan configuration (e.g., "Full and Fast").
1.4. Start the scan and monitor progress.
2. Expected Outcome:
2.1. A report detailing vulnerabilities found on the localhost.
Task 3: Analyze Vulnerability Reports
1. Steps:
1.1. View the scan report in the OpenVAS interface.
1.2. Identify:
1.2.1. High-severity vulnerabilities.
1.2.2. Services and ports associated with vulnerabilities.
1.2.3. Suggested remediations.
2. Example Analysis:
2.1. Vulnerability: Outdated OpenSSH version.
2.2. Impact: Potential for remote code execution.
2.3. Remediation: Update OpenSSH to the latest version.
Task 4: Generate a Custom Report
1. Steps:
1.1. Export the scan report in PDF or HTML format.
1.2. Write a summary:
1.2.1. Number of vulnerabilities by severity (High/Medium/Low).
1.2.2. Most critical vulnerability and its impact.
1.3. Save the report for submission.
2. Expected Outcome:
2.1. A structured vulnerability report with clear remediation steps.
Sample Solutions
1. Installing OpenVAS:
2. sudo apt update
3. sudo apt install -y openvas
4. sudo gvm-setup
5. sudo gvm-start
5.1. Output: Services configured successfully, accessible at https://127.0.0.1:9392.
6. Running a Scan:
6.1. Target: 127.0.0.1.
6.2. Scan Type: "Full and Fast".
6.3. Example Report Entry:
6.3.1. Vulnerability: CVE-2021-3156 (sudo heap overflow).
6.3.2. Severity: High.
6.3.3. Remediation: Update sudo to version 1.9.5p2 or later.
7. Analyzing and Reporting:
7.1. Example Summary:
7.2. High: 3 vulnerabilities
7.3. Medium: 5 vulnerabilities
7.4. Low: 12 vulnerabilities
7.5. Most Critical: Outdated SSH version (CVE-2021-41617).
Outcome
1. Students will understand:
1.1. How to set up and use OpenVAS for vulnerability scanning.
1.2. Analyze and interpret scan reports.
1.3. Generate actionable insights from vulnerability data.
Template for a vulnerability scan report and additional setup troubleshooting guidance
to ensure a smooth lab experience.

Template: Vulnerability Scan Report

1. Basic Information
 Date of Scan: ??
 Scanned Target: ??
 Scanner Used: OpenVAS
 Scan Configuration: ?? (e.g., Full and Fast)
 Duration: ??
2. Scan Summary
Severity Count Comments/Suggestions
High
Medium
Low
Total Vulnerability
3. Key Findings
1) Critical Vulnerability:
a) Name: (Insert CVE or Description)
b) Severity: ??
c) Affected Service: ??(e.g., OpenSSH)
d) Impact: ??(e.g., Potential remote code execution)
e) Remediation: ??
2) Example Finding:
a) Name: ??
b) Severity: ??
c) Affected Service: ??
d) Impact: ???
e) Remediation: ??
4. Recommendations
1) High Priority: (List critical fixes)
2) Medium Priority: (List important fixes)
3) Best Practices:
a) Regular updates for all software.
b) Disable unused services and ports.
c) Implement intrusion detection systems (IDS).
5. Attachments
 Include the exported scan report (PDF/HTML).
Guide for OpenVAS Setup
1. Common Setup Issues
1. Error: Services Not Starting
1.1. Solution:
1.2. sudo gvm-setup
1.3. sudo gvm-start
1.4. sudo gvm-check-setup
1.5. Ensure all required services
2. Error: “Unable to connect to OpenVAS Web Interface”
2.1. Solution:
2.1.1. Verify the service is running:
2.1.2. sudo systemctl status gvm
2.1.3. Check for correct URL: https://127.0.0.1:9392.
2.1.4. Ensure your firewall allows the connection.
3. Alternative Tools
1. If OpenVAS cannot be used, fallback tools include:
1.1. Nikto: For scanning web servers.
1.2. nikto -h http://<target>
1.3. Nmap Vulnerability Scripts:
1.4. nmap --script vuln <target>
Tips for Facilitating the Lab
 Ensure all students can log in to a local/virtual machine before starting.
 Pre-check lab systems to confirm OpenVAS installation and network access.
 Allocate 15–20 minutes at the end for students to present findings from their reports.

You might also like