OPENVASCLIENT(1) Users Manuals OPENVASCLIENT(1)

OpenVAS-Client - The client part of the OpenVAS Security Scanner

OpenVAS-Client [-v] [-h] [-n] [-T <type>] [-q [-pPS] host port user
password targets results]

OpenVAS-Client -i in.nbe -o out.[html|xml|nbe]

The OpenVAS Security Scanner is a security auditing tool made up of two
parts: a server and a client. The server, openvasd, is in charge of
the attacks, whereas the client, OpenVAS-Client, provides an interface to
the user.

OpenVAS-Client is an X11 client based on GTK+2.

This man page explains how to use the client.

-c <config-file>, --config-file=<config-file>
    use another configuration file.

-n, --no-pixmaps
    no pixmaps. This is handy if you are running OpenVAS-Client on a
    remote computer.

-q, --batch-mode
    quiet mode or batch mode. Setting this option makes OpenVAS-Client
    expect all of the following settings.
    -p
        obtain list of plugins installed on the server.
    -P
        obtain list of server and plugin preferences.
    -S
        issue SQL output for -p and -P (experimental).
    · host
        is the openvasd host to which you will connect.
    · port
        is the port to which you will connect on the remote openvasd
        host.
    · user
        is the user name to use to connect to openvasd.
    · password
        is the password associated with this user name.
    · targets
        is the name of a file containing the target machines.
    · results
        is the name of the file where the results will be stored
        at the end of the test.

-T <type>, --output-type=<type>
    Save the data as <type>, where <type> can be “nbe”, “html”,
    “html_graph”, “text”, “xml” or “tex”.

-V, --verbose
    make the batch mode display status messages to the screen.

-x, --dont-check-ssl-cert
    do not check SSL certificates.

-v, --version
    shows version number and quits.

-h, --help
    lists the available options.

The OpenVAS-Client interface is divided into several panels:

· The “Openvasd host” section:
  In this section, you must enter the openvasd host to which you
  will connect, as well as the port. You must also enter your
  openvasd user name and your password (not your system password).
  Once you are done, you must click on the “Log in” button,
  which will establish the connection to the openvasd host.
  Once the connection is established, openvasd sends to the client
  the list of attacks it will perform, as well as the default
  preferences to use.

· The “Target Selection” section:
  · In this section, you are required to enter the primary target.
    A primary target may be a single host (e.g. x.y.test), an IP
    (e.g. 192.168.1.1), a subnet (e.g. 192.168.1.1/24 or x.y.test),
    or a list of hosts, separated by commas (e.g. 192.168.1.1,
    192.168.2.1/24, x.y.test, a.b.test).

  · You can restrict the maximum number of hosts to test using the
    “Max Hosts” entry. This is a feature that prevents you from
    scanning too many machines, or accidentally scanning other
    machines. (For instance, if you only plan to test x.y.info and
    a.b.info, you can safely set this entry to “2”.)

  · This panel also allows you to enable the “Perform a DNS zone
    transfer” option. This option is dangerous and should be enabled
    with caution. For instance, if you want to test www.x.test,
    then if this option is set, openvasd will attempt to get the
    list of the hosts in the “x.test” domain.

    This option may be dangerous. For instance, if you enable it and
    you ask to test 192.168.1.1/24, then openvasd will do a reverse
    lookup on every IP, and will attempt a DNS zone transfer on
    every domain. That is, if 192.168.1.1 is www.x.test, and
    192.168.1.10 is mail.x.test, then a DNS zone transfer will be
    made on the domains “x.test” and “test.x”.

· The “Plugins” section:
  Once you have successfully logged into the remote openvasd
  server, this section is filled with the list of the attacks that
  the server will perform. This panel is divided into two parts: the
  plugin families, and the plugins themselves. If you click on
  the name of a plugin, a dialog will appear, showing you the
  error message that the plugin will send if the attack is
  successful.

You can use OpenVAS-Client to convert between the formats used for
reports. OpenVAS can take any NBE report and change it into an HTML,
XML or NBE report.

Please note that the XML report usually provides more information about
the scan itself, which the NBE format does not include in the report.

Basically, XML is a merge between the .nbe reports and the .openvasrc
configuration file. You won't get extra verbosity or diagnosis info in
the XML report, but you'll know which plugins (and which version of
these plugins) have been enabled during the scan.

For more information on the report formats please read the file
nbe_file_format.txt provided along with the documentation.

HOME
    The path to the user's home directory which will hold the client
    configuration cache .openvasrc. The path is referred to as ~/,
    below.

OPENVASHOME
    If this environment variable is set, this path is used instead
    of the path defined by the HOME variable. This path is referred
    to as ~/, below.

To run a batch scan from a cron job and publish it in a given web space
( /var/www/html/openvas/ ) try the following:

    OpenVAS-Client -c /root/openvas/openvas.rc -T html -qx localhost 9390 \
        batch batch1 /root/openvas/target /var/www/html/openvas/results.html

Make sure that paranoia level is not set in your openvas.rc
configuration file, otherwise the scan will not work.
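
Because an unattended batch run has no “Max Hosts” prompt to catch a mistyped targets file, a pre-flight check can be run on the file before the cron job starts. The following is an added example, not part of this manual or of OpenVAS; it assumes the targets file uses the comma-separated syntax described for the “Target Selection” panel, and the function names, the authorised networks and the authorised host names are hypothetical.

```python
import ipaddress
import re

# Constructed sample: the target list from this manual plus a made-up scope.
SAMPLE_TARGETS = "192.168.1.1, 192.168.2.1/24, x.y.test, a.b.test"
ALLOWED_NETS = ["192.168.1.0/24"]   # hypothetical authorised range
ALLOWED_NAMES = ["x.y.test"]        # hypothetical authorised host names
HOSTNAME = re.compile(r"^(?=.{1,253}$)([a-z0-9-]{1,63}\.)*[a-z0-9-]{1,63}$", re.I)

def split_targets(text):
    """Split a targets string on commas and newlines, dropping blanks."""
    return [t.strip() for t in re.split(r"[,\n]", text) if t.strip()]

def check_entry(entry, nets, names):
    """Return (address_count, problem); problem is None when in scope."""
    try:
        # strict=False accepts host-style input such as 192.168.1.1/24
        net = ipaddress.ip_network(entry, strict=False)
    except ValueError:
        net = None
    if net is not None:
        ok = any(net.version == a.version and net.subnet_of(a) for a in nets)
        return net.num_addresses, (None if ok else f"{entry}: outside authorised networks")
    if HOSTNAME.match(entry):
        # Names are compared literally; no DNS lookup is made.
        ok = entry.lower() in names
        return 1, (None if ok else f"{entry}: host name not on the authorised list")
    return 0, f"{entry}: not a host name, IP or subnet"

def preflight(text, allowed_nets, allowed_names, max_hosts):
    """Return (total_addresses, problems) for a targets string."""
    nets = [ipaddress.ip_network(n) for n in allowed_nets]
    names = {n.lower() for n in allowed_names}
    total, problems = 0, []
    for entry in split_targets(text):
        count, problem = check_entry(entry, nets, names)
        total += count
        if problem:
            problems.append(problem)
    if total > max_hosts:
        problems.append(f"{total} addresses exceed the limit of {max_hosts}")
    return total, problems

if __name__ == "__main__":
    total, problems = preflight(SAMPLE_TARGETS, ALLOWED_NETS, ALLOWED_NAMES, 4)
    print(total, "addresses requested")
    for p in problems:
        print("REJECT", p)
```

A cron wrapper would start OpenVAS-Client only when the returned problem list is empty.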

~/.openvasrc
    is the client configuration file, which contains the options
    about which openvasd server to connect to, which plugins to
    activate, and so on. The file is created automatically if it
    does not exist.

openvasclient-mkcert(1)

The canonical places where you will find more information about the
OpenVAS project are:

    http://www.openvas.org/

Author of developments prior to the fork from NessusClient is Renaud
Deraison <deraison@cvs.nessus.org>.

Several other people have been kind enough to send patches and bug
reports. Thanks to them.

The OpenVAS Project August 2007 OPENVASCLIENT(1)