> For the complete documentation index, see [llms.txt](https://edu.noirchapeau.com/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://edu.noirchapeau.com/vulnerability-assessment-notes/openvas-gvm-vulnerability-scanner-notes.md). # OpenVAS (GVM) Vulnerability Scanner Notes ## Installation and Initial Setup ### Basic Installation ```bash # Update system sudo apt update && sudo apt upgrade # Install GVM and OpenVAS sudo apt install gvm openvas # Run initial setup (takes ~30 minutes) gvm-setup # Start OpenVAS gvm-start ``` ### Post-Installation Tasks ```markdown 1. Access web interface: https://localhost:9392 2. Default credentials: admin/admin 3. Change default password immediately 4. Verify NVT feed is updated ``` ## Scan Configuration ### 1. Target Setup ```markdown Navigate: Configurations > Targets Target Configuration Options: 1. Single host: 192.168.1.1 2. Multiple hosts: 192.168.1.1, 192.168.1.2 3. Range: 192.168.1.1-192.168.1.254 4. CIDR: 192.168.1.0/24 ``` ### 2. Scan Profiles ```markdown Available Configurations: 1. Base - Purpose: Host/OS enumeration - No vulnerability checks 2. Discovery - Purpose: Service/hardware/port detection - Software enumeration - No vulnerability checks 3. Host Discovery - Purpose: Host alive check - Ping only - No vulnerability checks 4. System Discovery - Purpose: Detailed OS/hardware info - More comprehensive than Discovery 5. Full and Fast - Purpose: Complete vulnerability scan - Optimized NVT checks - Port-based vulnerability testing ``` ### 3. Authentication Setup ```markdown Credentials Configuration: 1. SSH (Linux): - Username/Password - Public key authentication 2. SMB (Windows): - Domain - Username - Password 3. ESXi: - Username - Password ``` ## Running Scans ### 1. Basic Scan Setup ```markdown Steps: 1. Navigate to Scans tab 2. Click "Wizard" icon 3. Select target(s) 4. Choose scan configuration 5. Set schedule (if needed) 6. Start scan ``` ### 2. Advanced Scan Options ```markdown Configure: 1. Port Range: - Default - All ports - Custom range 2. Timing: - Concurrent IPs - Concurrent checks - Network timeout 3. QoS: - Scan intensity - Auto-adjust ``` ## Results Analysis ### 1. Viewing Results ```markdown Navigate: Scans > Reports Information Available: 1. Host Details - OS information - Open ports - Running services 2. Vulnerabilities - Severity levels - CVE references - CVSS scores 3. Compliance - Policy checks - Failed rules ``` ### 2. Export Commands ```bash # Export to XML gvm-cli --protocol OSP export_report --report-id --format xml > report.xml # Available formats: - XML - PDF - CSV - TXT - ITG ``` ## Best Practices ### 1. Pre-Scan Checklist ```markdown 1. Verify target accessibility 2. Check credentials 3. Confirm scan window 4. Test network connectivity 5. Verify system resources ``` ### 2. Performance Optimization ```markdown Scan Settings: 1. Adjust concurrent checks 2. Set appropriate timeouts 3. Configure host alive test 4. Optimize port scanning ``` ### 3. Resource Management ```markdown Monitor: 1. Scanner CPU usage 2. Network bandwidth 3. Target system load 4. Disk space for results ``` ## Troubleshooting ### 1. Common Issues ```markdown Connection Problems: 1. Check firewall rules 2. Verify target availability 3. Test authentication 4. Review SSL/TLS settings Performance Issues: 1. Reduce concurrent scans 2. Adjust timeout values 3. Check system resources 4. Optimize scan scope ``` ### 2. Debug Commands ```bash # Check service status systemctl status gvmd systemctl status ospd-openvas # View logs tail -f /var/log/gvm/gvmd.log tail -f /var/log/gvm/ospd-openvas.log # Test connectivity nc -vz target_ip port ``` ## Maintenance ### 1. Regular Tasks ```bash # Update NVT feed greenbone-nvt-sync # Update SCAP data greenbone-scapdata-sync # Update CERT data greenbone-certdata-sync ``` ### 2. Database Management ```bash # Backup database gvmd --backup # Restore database gvmd --restore ``` ## Security Considerations ### 1. Scanner Security ```markdown 1. Regular updates 2. Strong authentication 3. Access control 4. Network isolation 5. Log monitoring ``` ### 2. Safe Scanning ```markdown 1. Use "Full and Fast" profile 2. Enable safe checks 3. Schedule during maintenance 4. Monitor target health 5. Document exceptions ``` ### 3. Compliance Integration ```markdown Map findings to: 1. PCI DSS 2. HIPAA 3. ISO 27001 4. Custom policies ``` ## Integration Options ### 1. API Usage ```bash # Basic API request curl -k -H "X-API-KEY: your-api-key" \ https://localhost:9392/gmp \ -d "" ``` ### 2. Automation ```markdown Automate: 1. Scan scheduling 2. Report generation 3. Result analysis 4. Remediation tracking ``` --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://edu.noirchapeau.com/vulnerability-assessment-notes/openvas-gvm-vulnerability-scanner-notes.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.