Comments on: OpenVAS – Opensource Vulnerability Assessment Scanner

By: Steve V

Steve V — Sun, 11 Dec 2011 04:37:54 +0000

I’ve used Nessus (even recently), I’ve used Retina, I’ve used ISS and now and I’ve used OpenVAS recently.
Frankly, I LOVE ISS, but HATE the licensing cost. Retina is OK, but not the best, to be charitable.
When I look at Nessus today and I look at OpenVAS today, I’ll go 11 times out of 10 with OpenVAS. Its reporting is cleaner, more configurable and overall better formatted.
Now, if you’ll excuse me, I need to harangue the CentOs folks over one recent vulnerability and two 2009 vulnerabilities that remain unpatched in their distribution.

By: Todd

Todd — Sun, 10 Oct 2010 02:12:39 +0000

I found the application pretty easy to install when using ubuntu. I think this article helped a lot.

I do remember using it from time to time. I think the application works pretty well once you configure all of the parameters it asks.

I think this is something I will contribute to.

By: avinash bhat

avinash bhat — Mon, 19 Apr 2010 11:58:12 +0000

Hi,

this blog looks pretty good explained about OpenVAS. I installed OpenVAS on Debian (Raid Systems)(SERVER) nd trying to scan by giving the localhost address or any remote systems… The problem is the report which is getting as an output from openvas is only regarding PORT’s, i just wanted to know is it possible to scan based on application installed in the remote systems or is it possible to scan specific files which i needed to scan respectively.

please provide me the best solution for it, waiting for the earliest response.
my mail id: avinashvbhat@gmail.com

Thanking you,
Avinash Bhat

By: kavitha

kavitha — Mon, 01 Jun 2009 08:22:43 +0000

Hi,

I’m finding some issue while i run the command openvas-nvt-sync.It throws the error ->
sent 848073 bytes received 1503041 bytes 120569.95 bytes/sec
total size is 47546176 speedup is 20.22
Error: md5sums not correct. Your NVT collection might be broken now.
Please try this for details: cd “/usr/local/lib/openvas/plugins” ; md5sum -c “/usr/local/lib/openvas/plugins/md5sums” | less

Please do tell me what might be the reason for this.Also suggest me any alternatives to sync the plugins on the OpenVAS server.

regards
Kavitha

By: Peter

Peter — Wed, 31 Dec 2008 02:59:19 +0000

Over at our open source vulnerability scanning site, we formerly were running a Nessus scan. We have since switched to OpenVas since the Nessus licensing change. Check us out, we are currently offering free vulnerability scans against your servers. All the best for 2009! HackerTarget.com

By: Information security

Information security — Wed, 15 Oct 2008 03:39:51 +0000

As important as security is, remaining current with every development is hard, and evaluating possible vulnerabilities across a network can be quite a chore. You need a way to both automate tests and make sure you’re running the most appropriate and up-to-date tests. Open Vulnerability Assessment System (OpenVAS) is a network security scanner that includes a central server and a graphical front end. The server allows you to run several different network vulnerability tests (NVT) written in Nessus Attack Scripting Language (NASL), which OpenVAS updates frequently.

By: Open VAS - ¿La evolución del Nessus? | La Comunidad DragonJAR

Open VAS - ¿La evolución del Nessus? | La Comunidad DragonJAR — Tue, 16 Sep 2008 04:38:56 +0000

[...] un manual para OpenSUSE (posiblemente puede adaptarse para otra distribuciones), los invito a probar el Open VAS y aportar [...]

By: HowtoMatrix » OpenVAS - Opensource Vulnerability Assessment Scanner

HowtoMatrix » OpenVAS - Opensource Vulnerability Assessment Scanner — Fri, 29 Aug 2008 16:42:26 +0000

[...] Read more at http://www.susegeek.com [...]

By: Sergicles

Sergicles — Tue, 26 Aug 2008 03:53:49 +0000

It’s funny, once it’s gone everybody wants it.

The “official” reason of Nessus going closed source is the community. Apparently very few have contributed to (a) core and (b) NASL scripts… At the end it was obvious, according to the announcement way back, that there is no support from the community – one way in a two way street so to speak. Now that it’s gone, suddenly there is this big interest (I’ve seen few OpenVAS posts in the last few weeks).

I wonder if the project is going to die, again, soon.

By: Lawrence D'Oliveiro

Lawrence D'Oliveiro — Tue, 26 Aug 2008 03:52:00 +0000

Note this is an open-source fork of Nessus, created after the latter closed its source.