OpenVAS
The world's most advanced Open Source vulnerability scanner and manager
OpenVAS (Open Vulnerability Assessment System, the name of the fork originally known as GNessUs) is a framework of several services and tools offering a vulnerability scanning and vulnerability management solution.
All OpenVAS products are Free Software. Most components are licensed under the GPL.
It has four components :-
- OpenVAS Scanner
- OpenVAS Manager
- OpenVAS CLI
- Green-bone Security Assistant (GSA)
The core of this SSL-secured service-oriented architecture is the OpenVAS Scanner. The scanner very efficiently executes the actual Network Vulnerability Tests (NVTs) which are served with daily updates via the OpenVAS NVT Feed or via a commercial feed service.
The OpenVAS Manager is the central service that consolidates plain vulnerability scanning into a full vulnerability management solution. The Manager controls the Scanner via OTP (OpenVAS Transfer Protocol) and itself offers the XML-based, stateless OpenVAS Management Protocol (OMP). All intelligence is implemented in the Manager so that it is possible to implement various lean clients that will behave consistently
The Manager also controls a SQL database (sqlite-based sql-lite3) where all configuration and scan result data is centrally stored. Finally, Manager also handles user management includiung access control with groups and roles.
Different OMP clients:-
OpenVAS CLI contains the command line tool "omp" which allows to create batch processes to drive OpenVAS Manager.
The Greenbone Security Assistant (GSA) is a lean web service offering a user interface for web browsers. GSA uses XSL transformation stylesheet that converts OMP responses into HTML.
Great info ... Keep it up!
ReplyDelete