I-OpenVAS, faka lesi sithwebuli sokuba sengozini ku-Ubuntu 16.04

Damián A.

Imizuzu ye-5

mayelana ne-OpenVAS

Esihlokweni esilandelayo sizobheka i-OpenVAS. Le yinguqulo yomthombo ovulekile weNessus, eyayingezinye zezikena zokuqala zokuba sengozini. Noma I-Nmap indala futhi ingasetshenziswa ukuskena izimbobo zokuphepha. I-OpenVAS ithathwa njengabanye ukuthi ibe yiyo esinye sezikena zokuphepha ezihamba phambili umthombo ovulekile.

I-OpenVAS uhlaka lwezinsizakalo namathuluzi ahlinzeka nge- isixazululo esibanzi nesinamandla sokuthwebula nokubeka engcupheni ukuphathwa. Uhlaka luyingxenye yesixazululo sokuphathwa kobungozi kwezentengiselwano seGreenbone Networks, lapho intuthuko yenzelwe umphakathi ovulekile kusukela ngo-2009.

Ukufakwa kwe-OpenVAS ku-Ubuntu 16.04

Okokuqala, sizoba nakho engeza okugcina okulandelayo. Ukwenza lokhu sivula i-terminal (Ctrl + Alt + T) bese sibhala:

imiyalo yokufaka ye-openVAS 

sudo add-apt-repository ppa:mrzavi/openvas

Bese ugijima:

sudo apt-get update

Manje sizoqhubeka nokufaka i-openvas9:

ukufakwa kwe-openvas 

sudo apt-get install openvas9

ukumiswa kwe-openvas

Ngemuva kwalokho kuzovela okusha isikrini sokumiswa. Lokhu kuzosinika okukhethwa kukho YEBO noma Cha, mane ukhethe u-yebo bese siyaqhubeka.

Ngemuva kokufaka i-Openvas9, kuzofanele senze imiyalo elandelayo:

sudo apt-get install sqlite3 && sudo greenbone-nvt-sync && sudo greenbone-scapdata-sync && sudo greenbone-certdata-sync

Lesi sinyathelo singathatha ihora noma ngaphezulu. Uma usuqedile, sizoqala kabusha izinsizakalo futhi sakhe kabusha i-database yokuba sengozini ngokusebenzisa:

service openvas-scanner restart

service openvas-manager restart

sudo openvasmd --rebuild --progress

ukufakwa kwe-texlive 

sudo apt-get install texlive-latex-extra --no-install-recommends

Isinyathelo sokugcina sokuqeda inqubo yokufaka kuzoba ukwenza:

sudo apt-get install libopenvas9-dev

Ngemuva kokufakwa, singakwazi vula i-URL kusiphequluli sethu https://localhost:4000. Lokhu kuzosiyisa esikrinini esifana nokulandelayo:

ngena ngemvume isiphequluli esivulekile

KUBALULEKILE: Uma ubona iphutha le-SSL lapho uvula ikhasi, engeza okuhlukile kwezokuphepha bese uqhubeka.

Ukubeka izinhloso nemisebenzi yethu

I-OpenVAS ingasetshenziswa kokubili kusuka kulayini womyalo nangeziphequluli zethu. Kulesi sihloko sizobona ukusetshenziswa okuyisisekelo kwenguqulo yayo yewebhu, enembile ngokuphelele.

Ngemuva kokungena ngemvume, chofoza UKUQALA bese ungena AMATHEKethi:

imigomo ye-openvas

Setha i-TARGET

Uma usu-'TARGETS ', uzobona isithonjana esincane senkanyezi emhlophe ngaphakathi kwesikwele esiluhlaza okwesibhakabhaka. Sizocofa kuso ukwengeza umgomo wethu wokuqala.

Kuzovuleka iwindi, lapho sizobona khona izinkambu ezilandelayo:

ukuvulwa okusha kwelitshe

  • Igama: bhala ifayela le- igama lelitshe.
  • Amazwana: akukho ukuphawula.
  • Ibhukwana Lokubamba / Kusuka kufayela: ungakwazi lungiselela ikheli le-IP o layisha ifayela elinabaphathi abahlukahlukene. Ungabhala futhi i- igama lesizinda esikhundleni se-IP, njengoba besho ku- iwebhusayithi yabo.
  • Khipha ababungazi: uma esinyathelweni esedlule uchaze ibanga le-IP lapha, unga khipha abasingathi.
  • Buyisa Ukubheka: Ngicabanga ukuthi lezi zinketho ziyatholakala izizinda ezixhunywe kukheli le-IP, uma ufuna ikheli le-IP esikhundleni segama lesizinda.
  • Uhlu lwePort: lapha singakhetha imaphi amachweba esifuna ukuskena. Kungakuhle ukuthi ushiye wonke amachweba we-TCP ne-UDP uma unesikhathi.
  • Ukuhlolwa okuphilayo: Shiya njengokuzenzakalelayo, kepha uma ilitshe lakho lingabuyisi i-ping (njengamaseva we-Amazon, ngokwesibonelo), ungadinga ukukhetha «cabanga ukuthi uyaphila".
  • Ubufakazi bokuhlolwa okuqinisekisiwe: ungangeza imininingwane yakho yohlelo ku vumela i-Openvas ukuthi ihlole ubungozi bendawo.

Kufanele ufake ikheli le-IP noma igama lesizinda, uhla lwamachweba ofuna ukuskena kanye nemininingwane yohlelo lwakho, kuphela uma ufuna hlola ukuba sengozini kwasendaweni.

Setha UMSEBENZI

Ukuqhubeka, kwimenyu enkulu (ibha yemenyu efanayo lapho sithola khona UKULUNGISELEKA) uzothola «ISKena«. Chofoza bese ukhetha "IMISEBENZI" kusuka kumenyu engezansi.

Iskena umsebenzi

Esikrinini esilandelayo uzobona futhi inkanyezi emhlophe ngaphakathi kwesikwele esiluhlaza okwesibhakabhaka engxenyeni engenhla kwesokunxele kwesikrini, njengalapho sidala inhloso. Ewindini eliboniswayo sizobona izinketho ezilandelayo:

umsebenzi omusha

  • Skena Okukhonjiwe: lapha sizokhetha inhloso sifuna ukuskena.
  • Izaziso: thumela isaziso ngaphansi kwezimo ezithile.
  • zohlelo: ilusizo ekuguquleni i- bika isimilo ngu-Openvas. Ngalo msebenzi, ungagwema okuhle okungamanga.
  • I-MIn QoD: lokhu kusho ukuthi "Ikhwalithi encane yokuthola" futhi ngale nketho ungacela i-OpenVAS ukuthi khombisa kuphela izinsongo zangempela ezingaba khona.
  • Susa ngokuzenzakalela: le nketho iyasivumela bhala ngaphezulu imibiko yangaphambilini. Singakhetha ukuthi mangaki imibiko esifuna ukuyigcina ngomsebenzi ngamunye.
  • Skena Ukucushwa: le nketho ingeka khetha ubukhulu beskena. Ukuhlola okujulile kungathatha izinsuku.
  • Isixhumi esibonakalayo somthombo wenethiwekhi: lapha ungakwazi ucacise idivayisi yenethiwekhi. Angikwenzelanga le ndatshana.
  • I-oda labasingathi abakhokhelwe- Thinta le nketho uma ukhethe uhla lwe-IP noma izinhloso eziningi futhi une izinto eziseqhulwini maqondana nokulandelana lapho izinhloso ziskenwa khona.
  • Ubuningi benziwa ngesikhathi esisodwa i-NVT ngesikhungo ngasinye: Lapha ungachaza ifayela le- ubungozi obukhulu buhloliwe ngenhloso ngayinye ngasikhathi sinye.
  • Ubuningi babasingathi abaskeniwe ngesikhathi esisodwa- Uma unezinhloso nemisebenzi ehlukile, ungaqalisa ukuskena ngasikhathi sinye. Lapha ungachaza ifayela le- ukukhishwa okuphelele ngesikhathi esisodwa.

Iskena ilitshe

Ngemuva kwazo zonke lezi zinyathelo ezingenhla, ukuze qala ukuskena sidinga ukucindezela inkinobho yokudlala emhlophe ngaphakathi kwesikwele esiluhlaza, ezansi kwekhasi.

qala ukuskena kwe-OpenVAS

Ngiyethemba lesi sethulo esiyisisekelo se-OpenVAS sikusiza ukuthi uqalise ngalesi sixazululo esinamandla sokuskena ukuphepha.


Shiya umbono wakho

Ikheli lakho le ngeke ishicilelwe. Ezidingekayo ibhalwe nge *

*

*

  1. Ubhekele imininingwane: Miguel Ángel Gatón
  2. Inhloso yedatha: Lawula Ugaxekile, ukuphathwa kwamazwana.
  3. Ukusemthethweni: Imvume yakho
  4. Ukuxhumana kwemininingwane: Imininingwane ngeke idluliselwe kubantu besithathu ngaphandle kwesibopho esisemthethweni.
  5. Isitoreji sedatha: Idatabase ebanjwe yi-Occentus Networks (EU)
  6. Amalungelo: Nganoma yisiphi isikhathi ungakhawulela, uthole futhi ususe imininingwane yakho.

  1.   UMartinez Desimar kusho
    kwenza iminyaka 6

    Angikwazanga ukukuthola kusebenza nhlobo .. ngizozama ngalo mhlahlandlela ..

    Phendula uMartinez Desimar
  2.   URicardo Bautista kusho
    kwenza iminyaka 4

    Uma bengingayilungisa, manje ngidinga ukuthola ukuthi ngiyisebenzisa kanjani, ngiyabonga ngale ncwadi.

    Phendula uRicardo Bautista
  3.   Caesar kusho
    kwenza iminyaka 2

    Lithini igama lomsebenzisi nephasiwedi ukufinyelela iwebhu?

    Phendula uKesari
    1.    UDamien A. kusho
      kwenza iminyaka 2

      Sawubona. Kimina kubonakala sengathi igama lomsebenzisi elizenzakalelayo nephasiwedi ngumqondisi, kodwa iqiniso ukuthi angiqiniseki. bheka iwebhusayithi yephrojekthiNgiyaqiniseka ukuthi uzothola ulwazi lapho. Salu2.

      Phendula uDamián A.