OPENVAS SCAN with OPENVAS OS 24.10 – User Manual¶
This is the user manual for OPENVAS SCAN with OPENVAS OPERATING SYSTEM (OPENVAS OS) version 24.10. Due to the numerous functional and other differences between OPENVAS OS 24.10 and previous versions, this user manual should not be used with older versions of OPENVAS OS.
OPENVAS SCAN is under constant development. This user manual attempts to always document the latest software release. It is, however, possible that latest functionalities have not been captured in this user manual.
Should you have additional notes or error corrections for this user manual, contact the Greenbone Support Team.
The copyright for this user manual is held by the Greenbone AG. The license information for the feeds used by OPENVAS SCAN can be found at https://www.greenbone.net/en/license-information/. Greenbone and the Greenbone logo are registered trademarks of the Greenbone AG. Other logos and registered trademarks used within this user manual are the property of their respective owners and are used only for explanatory purposes.
This user manual is made available under the Creative Commons Attribution-ShareAlike 4.0 International license. See https://creativecommons.org/licenses/by-sa/4.0/ for details.
Under this license, you are free to:
Share — copy and redistribute the material in any medium or format
Adapt — remix, transform, and build upon the material for any purpose, even commercially
Under the following terms:
Attribution — You must give appropriate credit, provide a link to the license, and indicate if changes were made. You may do so in any reasonable manner, but not in any way that suggests Greenbone AG endorses you or your use.
ShareAlike — If you remix, transform, or build upon the material, you must distribute your contributions under the same license as the original.
No additional restrictions — You may not apply legal terms or technological measures that legally restrict others from doing anything the license permits.
- 1 Introduction
- 2 Read Before Use
- 3 OPENVAS SCAN – Overview
- 4 Setting up OPENVAS SCAN
- 5 Upgrading OPENVAS SCAN to the Latest Major Version
- 5.1 Upgrading the Operating System
- 5.2 Upgrading the Flash Partition to the Latest Version
- 5.3 Relogging into the OPENVAS OS Administration Menu After an Upgrade
- 5.4 Reloading the Web Interface After an Upgrade
- 5.5 New Features and Changes of Default Behavior
- 6 Managing the OPENVAS OPERATING SYSTEM
- 6.1 General Information
- 6.2 Setup Menu
- 6.2.1 Managing Users
- 6.2.1.1 Changing the System Administrator Password
- 6.2.1.2 Managing Web Users
- 6.2.1.3 Creating a Web Administrator
- 6.2.1.4 Enabling a Guest User
- 6.2.1.5 Creating a Super Administrator
- 6.2.1.6 Deleting a User Account
- 6.2.1.7 Limiting the Number of Concurrent Web Sessions
- 6.2.1.8 Changing a User Password
- 6.2.1.9 Changing the Password Policy
- 6.2.1.10 Configuring the Settings for Data Objects
- 6.2.2 Configuring the Network Settings
- 6.2.2.1 General Information About Namespaces
- 6.2.2.2 Switching an Interface to Another Namespace
- 6.2.2.3 Configuring Network Interfaces
- 6.2.2.4 Configuring the DNS Server
- 6.2.2.5 Configuring the Global Gateway
- 6.2.2.6 Setting the Host Name and the Domain Name
- 6.2.2.7 Restricting the Management Access
- 6.2.2.8 Displaying the MAC and IP Addresses and the Network Routes
- 6.2.3 Configuring a Virtual Private Network (VPN) Connection
- 6.2.4 Configuring Services
- 6.2.5 Configuring Periodic Backups
- 6.2.6 Configuring Special Upgrade Settings
- 6.2.7 Configuring the Feed Synchronization
- 6.2.8 Configuring the Appliance as an Airgap Master/Sensor
- 6.2.9 Configuring the Time Synchronization
- 6.2.10 Selecting the Keyboard Layout
- 6.2.11 Configuring the E-Mails Settings
- 6.2.12 Configuring the Collection of Logs
- 6.2.13 Setting the Maintenance Time
- 6.2.1 Managing Users
- 6.3 Maintenance Menu
- 6.3.1 Performing a Self-Check
- 6.3.2 Performing and Restoring a Backup
- 6.3.3 Copying Data and Settings to Another Appliance with Beaming
- 6.3.4 Performing an OPENVAS OS Upgrade
- 6.3.5 Performing an OPENVAS OS Upgrade on Sensors
- 6.3.6 Performing a Feed Update
- 6.3.7 Performing a Feed Update on Sensors
- 6.3.8 Upgrading the Flash Partition
- 6.3.9 Shutting down and Rebooting the Appliance
- 6.4 Advanced Menu
- 6.5 Displaying Information about the Appliance
- 7 Getting to Know the Web Interface
- 8 Managing the Web Interface Access
- 9 Scanning a System
- 9.1 Using the Task Wizard for a First Scan
- 9.2 Configuring a Simple Scan Manually
- 9.3 Configuring an Authenticated Scan Using Local Security Checks
- 9.3.1 Advantages and Disadvantages of Authenticated Scans
- 9.3.2 Using Credentials
- 9.3.3 Requirements on Target Systems with Microsoft Windows
- 9.3.4 Requirements on Target Systems with ESXi
- 9.3.5 Requirements on Target Systems with Linux/Unix
- 9.3.6 Requirements on Target Systems with Cisco OS
- 9.3.7 Requirements on Target Systems with Huawei VRP
- 9.3.8 Requirements on Target Systems with EulerOS
- 9.3.9 Requirements on Target Systems with GaussDB
- 9.4 Configuring a CVE Scan
- 9.5 Using Container Tasks
- 9.6 Managing Targets
- 9.7 Creating and Managing Port Lists
- 9.8 Managing Tasks
- 9.9 Configuring and Managing Scan Configurations
- 9.10 Performing a Scheduled Scan
- 9.11 Creating and Managing Scanners
- 9.12 Using Alerts
- 9.13 Obstacles While Scanning
- 10 Reports and Vulnerability Management
- 11 Performing Compliance Scans and Special Scans
- 11.1 Configuring and Managing Policies
- 11.2 Configuring and Managing Audits
- 11.3 Using and Managing Audit Reports
- 11.4 Generic Policy Scans
- 11.5 Checking Standard Policies
- 11.6 Running a TLS Map Scan
- 12 Managing Assets
- 13 Managing SecInfo
- 14 Using the Greenbone Management Protocol
- 15 Using a Master-Sensor Setup
- 16 Managing the Performance
- 17 Connecting OPENVAS SCAN to Other Systems
- 18 Architecture
- 19 Frequently Asked Questions
- 19.1 Why Is the Scanning Process so Slow?
- 19.2 What Influences the Scan Capacity?
- 19.3 Why Is a Service/Product Not Detected?
- 19.4 Why Is a Vulnerability Not Detected?
- 19.5 Why Do the Results for the Same Target Differ across Several Consecutive Scans?
- 19.6 Why Is It Not Possible to Edit Scan Configurations, Port Lists, Compliance Policies, or Report Formats?
- 19.7 Why Is It Not Possible to Delete Scan Configurations, Port Lists, Compliance Policies, or Report Formats?
- 19.8 Why Does a VNC Dialog Appear on the Scanned Target System?
- 19.9 Why Does the Scan Trigger Alarms on Other Security Tools?
- 19.10 How Can a Factory Reset of the Appliance Be Performed?
- 19.11 Why Does Neither Feed Update nor OPENVAS OS Upgrade Work After a Factory Reset?
- 19.12 How Can an Older Backup or Beaming Image Be Restored?
- 19.13 What Can Be Done if the OPENVAS OS Administration Menu Is not Displayed Correctly in PuTTY?
- 19.14 How Can the GMP Status Be Checked Without Using Credentials?
- 19.15 What Should Be Done if the Self-Check Shows “RAID Array degraded”?
- 20 Glossary
- 20.1 Alert
- 20.2 Asset
- 20.3 CERT-Bund Advisory
- 20.4 Compliance Audit
- 20.5 Compliance Policy
- 20.6 CPE
- 20.7 CVE
- 20.8 CVSS
- 20.9 DFN-CERT Advisory
- 20.10 EPSS
- 20.11 Filter
- 20.12 Group
- 20.13 Host
- 20.14 Note
- 20.15 Vulnerability Test (VT)
- 20.16 Override
- 20.17 Permission
- 20.18 Port List
- 20.19 Quality of Detection (QoD)
- 20.20 Remediation Ticket
- 20.21 Report
- 20.22 Report Format
- 20.23 Result
- 20.24 Role
- 20.25 Scan
- 20.26 Scanner
- 20.27 Scan Configuration
- 20.28 Schedule
- 20.29 Severity
- 20.30 Solution Type
- 20.31 Tag
- 20.32 Target
- 20.33 Task
- 20.34 TLS Certificate