{"id":981,"date":"2008-08-18T15:57:40","date_gmt":"2008-08-18T15:57:40","guid":{"rendered":"https:\/\/www.darknet.org.uk\/?p=981"},"modified":"2015-09-09T19:39:19","modified_gmt":"2015-09-09T11:39:19","slug":"openvas-open-vulnerability-assessment-system-nessus-is-back","status":"publish","type":"post","link":"https:\/\/www.darknet.org.uk\/2008\/08\/openvas-open-vulnerability-assessment-system-nessus-is-back\/","title":{"rendered":"OpenVAS – Open Vulnerability Assessment System (Nessus is Back!)"},"content":{"rendered":"
[ad]<\/p>\n
As you all probably known since version 3 Nessus turned to a proprietary model and started charging for the latest plugins locking most of us out. Now we finally have a new, properly organised forked development with the name of OpenVAS – at last a decent and free Vulnerability Scanner!<\/p>\n
OpenVAS stands for Open Vulnerability Assessment System and is a network security scanner with associated tools like a graphical user front-end. The core component is a server with a set of network vulnerability tests (NVTs) to detect security problems in remote systems and applications. <\/p>\n
OpenVAS products are Free Software under GNU GPL and a fork of Nessus. <\/p>\n
About OpenVAS Server<\/strong><\/p>\n The OpenVAS Server is the core application of the OpenVAS project. It is a scanner that runs many network vulnerability tests against many target hosts and delivers the results. It uses a communication protocol to have client tools (graphical end-user or batched) connect to it, configure and execute a scan and finally receive the results for reporting. Tests are implemented in the form of plugins which need to be updated to cover recently identified security issues. <\/p>\n The server consists of 4 modules: openvas-libraries, openvas-libnasl, openvas-server and openvas-plugins. All need to be installed for a fully functional server. <\/p>\n OpenVAS server is a forked development of Nessus 2.2. The fork happened because the major development (Nessus 3) changed to a proprietary license model and the development of Nessus 2.2.x is practically closed for third party contributors. OpenVAS continues as Free Software under the GNU General Public License with a transparent and open development style. <\/p>\n About OpenVAS-Client<\/strong><\/p>\n OpenVAS-Client is a terminal and GUI client application for both OpenVAS and Nessus. It implements the Nessus Transfer Protocol (NTP). The GUI is implemented using GTK+ 2.4 and allows for managing network vulnerability scan sessions. <\/p>\n OpenVAS-Client is a successor of NessusClient 1.X. The fork happened with NessusClient CVS HEAD 20070704. The reason was that the original authors of NessusClient decided to stop active development for this (GTK-based) NessusClient in favor of a newly written QT-based version released as proprietary software. <\/p>\n OpenVAS-Client is released under GNU GPLv2 and may be linked with OpenSSL. <\/p>\n You can download OpenVAS here:<\/p>\n