Kwinqaku elilandelayo siza kujonga i-OpenVAS. Olu luguqulelo lwemithombo evulekileyo yeNessus, eyayisesinye sezikena zokuqala zokuba semngciphekweni. Nangona Nmap indala kwaye ingasetyenziselwa ukuskena imingxunya yokhuseleko. I-OpenVAS ithathwa njengenye ukuba yiyo Esinye sezikena sezokhuseleko Vula Umnikezi.
I-OpenVAS sisakhelo seenkonzo kunye nezixhobo ezibonelela nge- Isisombululo esibanzi nesinamandla sokuskena kwengozi kunye nolawulo. Isakhelo siyinxalenye yesisombululo solawulo lokusemngciphekweni kweGreenbone Networks, ukusuka apho uphuculo lwenziwe kuluntu oluvulekileyo loluntu ukusukela ngo-2009.
Ukufakwa kwe-OpenVAS kwi-Ubuntu 16.04
Okokuqala, siya kuba nayo yongeza indawo yokugcina elandelayo. Ukwenza oku sivula i-terminal (Ctrl + Alt + T) kwaye sibhale:
sudo add-apt-repository ppa:mrzavi/openvas
Emva koko baleka:
sudo apt-get update
Ngoku siza kuqhubeka nokufaka i-openvas9:
sudo apt-get install openvas9
Emva koko kuya kuvela entsha Iscreen soqwalaselo. Oku kuyakusinika ukhetho EWE okanye HAYI, khetha ngokulula u-ewe kwaye siqhubeke.
Emva kokufaka i-Openvas9, kuya kufuneka siphumeze le miyalelo ilandelayo:
sudo apt-get install sqlite3 && sudo greenbone-nvt-sync && sudo greenbone-scapdata-sync && sudo greenbone-certdata-sync
Eli nyathelo linokuthatha iyure okanye nangaphezulu. Nje ukuba sigqibile, siza kuqala iinkonzo kwaye sizakhele kwakhona isiseko sedatha ngokwenza:
service openvas-scanner restart service openvas-manager restart sudo openvasmd --rebuild --progress
sudo apt-get install texlive-latex-extra --no-install-recommends
Inyathelo lokugqibela lokugqiba inkqubo yofakelo iya kuba kukusebenza:
sudo apt-get install libopenvas9-dev
Emva kofakelo, sinako vula i-URL kwisikhangeli sethu https://localhost:4000. Oku kuya kusisa kwiscreen ngolu hlobo lulandelayo:
KUBALULEKILE: Ukuba ubona impazamo ye-SSL xa uvula iphepha, yongeza ukhuseleko ngaphandle kwaye uqhubeke.
Ukubeka iinjongo zethu kunye nemisebenzi
I-OpenVAS inokusetyenziswa kokubini ukusuka kumgca wokuyalela kunye nakwizikhangeli zethu. Kweli nqaku siza kubona usetyenziso olusisiseko lwenguqulo yewebhu, enomdla ngokupheleleyo.
Emva kokungena ungene, cofa UKUBHALA kwaye emva koko ungene Iithagethi:
Cwangcisa iTHARGET
Nje ukuba ube kwi 'ITHAGETHI', uya kubona i icon encinci yenkwenkwezi emhlophe ngaphakathi kwesikwere esiblowu. Siza kucofa kuyo ukongeza injongo yethu yokuqala.
Kuya kuvulwa ifestile, apho siza kubona khona la masimi alandelayo:
- igama: bhala apha igama ekujoliswe kulo.
- amagqabantshintshi: Andinamazwi.
- Incwadana yemikhosi / ukusuka kwifayile: Unga qwalasela idilesi ye-IP o layisha ifayile ngemikhosi eyahlukeneyo. Unokubhala kwakhona igama lesizinda endaweni ye-IP, njengoko besitsho iwebhusayithi yabo.
- Ngaphandle kwemikhosi: ukuba kwinyathelo elidlulileyo uchaze uluhlu lwe-IP apha, unga ngaphandle kwemikhosi.
- Ukujikisa ukujonga kwakhona: Ndicinga ukuba ezi ndlela ziyafunyanwa imimandla edityaniswe nedilesi ye-IP, ukuba ujonga idilesi ye-IP endaweni yegama ledomeyini.
- Uluhlu lwezibuko: apha sinokukhetha zeziphi izibuko esifuna ukuskena. Kuyacetyiswa ukuba ushiye zonke izibuko ze-TCP kunye ne-UDP ukuba unexesha.
- Uvavanyo oluphilayo: shiya njengendawo emiselweyo, kodwa ukuba ujoliso lwakho alubuyisi ping (njengeeseva zeAmazon, umzekelo), unokufuna ukukhetha «cinga ngokuphila«.
- Iziqinisekiso zokuhlolwa okuqinisekisiweyo: ungongeza iinkcukacha zakho kwinkqubo vumela i-Openvas ukuba ijonge ubungozi basekuhlaleni.
Kuya kufuneka ufake idilesi ye-IP okanye igama lesizinda, uluhlu lwamazibuko ofuna ukuskena, kunye neenkcukacha zakho zenkqubo, kuphela ukuba ufuna jonga ubungozi basekuhlaleni.
Misela UMSEBENZI
Ukuqhubeka, kwimenyu ephambili (ibha yemenyu efanayo apho sifumana khona UKUQINISEKISA) uyakufumana «UKUHLOLA«. Cofa uze ukhethe "IMISEBENZI" kwimenyu esezantsi.
Kwiskrini esilandelayo uza kubona kwakhona inkwenkwezi emhlophe ngaphakathi kwesikwere esiluhlaza okwesibhakabhaka kwinxalenye ephezulu yasekhohlo kwesikrini, njengaxa sasiyila injongo. Kwifestile ebonisiweyo siza kubona ezi zinto zilandelayo:
- Skena iithagethi: apha Siza kukhetha injongo sifuna ukuskena.
- Izaziso: thumela isaziso phantsi kweemeko ezithile.
- Ukugqithisa: iluncedo ekuguqulweni ingxelo yokuziphatha ngu-Openvas. Ngalo msebenzi, unokuyiphepha into ebubuxoki.
- I-MIn QoD: oku kuthetha "Ubuncinci bokubona ubulunga" kwaye ngolu khetho unokucela i-OpenVAS bonisa kuphela izoyikiso zokwenene.
- Ukuzenzekelayo: olu khetho luyasivumela Bhala ngaphezulu iingxelo zangaphambili. Sinokukhetha ukuba zingaphi iingxelo esifuna ukuzigcina ngomsebenzi ngamnye.
- Skena uqwalaselo: olu khetho lolwe Khetha ubungakanani beskena. Olona phando lunzulu lungathatha iintsuku.
- Ujongano lomthombo womnatha: apha unako khankanya isixhobo somnatha. Khange ndiyenzele eli nqaku.
- I-odolo kubaphathi ekujoliswe kubo-Chukumisa olu khetho ukuba ukhethe uluhlu lwe-IP okanye iithagethi ezininzi kwaye unayo izinto ngokubaluleka ngokubhekisele kulandelelwano ekujoliswe kuko.
- Ubuninzi benziwa ngaxeshanye kwi-NVT ngomamkeli ngamnye: Apha ungachaza ifayile ye- ubuninzi bobungozi bukhangelwe kwinjongo nganye ngaxeshanye.
- Ubuninzi bemikhosi eskenwe ngaxeshanye-Ukuba uneenjongo ezahlukeneyo kunye nemisebenzi, ungabaleka iskena ngaxeshanye. Apha ungachaza ifayile ye- Ukuphunyezwa okuphezulu ngaxeshanye.
Ukuskena ekujolise kuko
Emva kwawo onke la manyathelo angentla, ukuya qalisa ukuskena kufuneka sicinezele iqhosha lokudlala elimhlophe ngaphakathi kwesikwere esiluhlaza, emazantsi ephepha.
Ndiyathemba ukuba isingeniso esisisiseko kwi-OpenVAS sinceda ukuba uqalise ngesi sisombululo sokhuseleko esinamandla.
Khange ndiyifumane isebenze kwaphela .. ndizakuzama ngesi sikhokelo ..
Ukuba ndinokuyiqwalasela, ngoku kufuneka ndibone ukuba ndiyisebenzisa njani, enkosi ngale ncwadi.
Yintoni igama lomsebenzisi kunye negama lokugqitha ukufikelela kwiwebhu?
Mholweni. Kum kubonakala ngathi igama lomsebenzisi elingagqibekanga kunye negama lokugqitha ngu admin, kodwa inyani yeyokuba andiqinisekanga. jonga kwi iwebhusayithi yeprojekthiNdiqinisekile ukuba uya kulufumana ulwazi apho. Salu2.