We had a phenomenal turnout at our meeting on February with 20 in attendance with several new attendees and we filled the room at Steven-Henager College. Our topic for tonight was Penetration Testing using OpenVAS, the Open Vulnerability Assessment System, which is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution. Mic of Taos was our presenter. Before I start with the actual meeting report, a great thank you to Steven-Henager College for providing our meeting space and Taos of Boise for providing the Pizza, Soda, and cookies!
We did have some technical issues with the display in trying to get started but using another laptop where OpenVAS was installed, Mic got underway with his demonstration. OpenVAS is an open source product which is free for downloading and use. It is available as a stand-alone distribution, an virtual appliance, and can be installed from packages on a number of distributions. Tonight, openVAS was installed on Kali Linux 2016.1 64 Bit. The installation is somewhat time consuming as besides installing the required packges, it also installs the NVT’s of which there are thousands, and then once installed, it accesses the openVAS feed to get the latest and greatest NVT’s. NVT are Network Vulnerability Tests in the form of .nasl and .inc files which are basically text files that can be easily read and we explored those a bit tonight.
We started off at the command line and running openvas start followed by openvas-check-setup which verifies you openvas setup and any problem areas. There are a number of packages available at the command line that can be viewed by type openvas tab tab at the command line. Also the command line OpenVAS manager can be used for many tasks. One task Mic showed was creating a new user with the command “openvasmd –-create-user admin2 –role Admin” which created a new user named admin 2 with the role of Admin. On completion, it displayed an openvas generated password which is in UUID form. Openvasmd comes with both a help system as well as the man page 8, an administrative man page (man 8 openvasmd). Also useful in getting ready to use OpenVAS are utilities like netstat and nmap.
OpenVAS comes with a web based management tool called the Greenbone Security Assistance where you can perform all the activities including configuration and administration, test (NVT’s) selection. It opens up with a quick start that allows you to immediately scan of an IP address and view the vulnerability report. The report gives the vulnerability accompanied with a description of the vulnerability, very easy to use. During Mic’s demo, we took a look at the .nasl files, scan management, scan targets and user management including groups and roles.
We finished up with deployment across the network for vulnerability testing including clients on specific machines and back channel use along with use in complex network environments such as multiple vlans.
Thanks to Mic for a great presentation on OpenVAS to spike our interest in Penetration Testing.
For our next meeting, we will continue with Kali Linux and the built in tools available in the Kali as well as explore Lazy Kali, an add-on to Kali that makes for a quick start in using Kali Linux. I have been working with Kali Linux 2016.1, the latest rolling release, and while it is not designed as a desktop, it can be installed and used that way, as well as penetration testing tool. I also have installed both Kali Linux and the Fedora 23 Security Spin on bootable USB thumb drives, which both feature Forensic Modes as well as the usual selection of testing tools. I will be demonstrating some of the tools available on these as well as building the Kali Linux Bootable USB with 8 gigabytes of persistent storage fully updated. I am still looking for those with pentest and forensic skills that would be willing to help with this presentation, particularly in demonstrating in how the tools might be used effectively. Drop me an email if you can help firstname.lastname@example.org
Our next meeting will be March 15th at 6:30 PM, at Stevens-Heneger College.