Tracking down weak points in your intranet

Scheduled Dates and Reports

The configuration of particular systems within a larger network changes frequently. In these situations, it is a good idea to apply OpenVAS automatically at controlled intervals to quickly identify weak points. To set up automatic application, you will need to first set up a schedule in the Configuration | Schedules menu. This can be used to schedule regular and automatic scans, even for periods as long as several months. Then, you should link the schedule with a task by activating the corresponding schedule in the selection field Schedule (optional) for tasks. OpenVAS will then execute the next scan at the time you have designated. It is a very good idea to document security scans, especially when you are dealing with larger installations.

OpenVAS makes documentation easy by letting you save reports in a large number of formats. You will need to click on the selection field in the upper middle of the Report menu and select the desired file format. Then, you should click on the green arrow to the right of the selection field and save the document. The software saves a highly detailed version of the report in which all of the test routines and their results are individually presented. This means that one report for the scan of a single workstation can be almost 30 pages long when saved in PDF format (Figure 7).

Figure 7: Because of the high quality of information contained in OpenVAS reports, the analysis for the scan of a single computer can be nearly 30 pages long.

Conclusion

Especially because of OpenVAS, Kali Linux delivers an extremely powerful tool for finding and fixing weak points of all kinds in an intranet. The tool is well suited for the beginner, because it works automatically and is largely self-explanatory. The developers have succeeded in preconfiguring OpenVAS in such a way that very few manual steps are necessary. In short, this tool comes practically ready to use and significantly improves network security.