Scanning and Remediating Vulnerabilities with OpenVAS

Introduction

The module Scanning and Remediating Vulnerabilities with OpenVAS provides you with the instructions and devices to develop your hands-on skills in the following topics.

• Connecting to Win10 and Kali
• OpenVAS Scanning
• Security Active Directory Access LDAP
• Validating Security Changes with OpenVAS

Lab time: It will take approximately 1.5 hours to complete this lab.

Exam Objectives

The following exam objectives are covered in this lab:

• SY0-501 1.5: Explain vulnerability scanning concepts

Exercise 1 - OpenVAS Scanning

OpenVAS stands for Open Vulnerability Assessment System and is a fork from an older version of Nessus, formally known as GNessUs. It’s a free tool to use and can be quite comprehensive in its scanning techniques as well assisting in finding vulnerabilities. It can be used in conjunction with other Kali tools to help pen test environments more efficiently.

Exercise 2 - Securing Active Directory Access LDAP

Active Directory holds a great of critical information about a business or organisation regarding how its structured, who the participating members are, the groups and positions of those members, how the domain is defined and which computer groups are assigned. It has overall control across the network and is very powerful at enforcing policy rights. Throughout the years as Windows and devices have changed it has grown very large and complicated, it provides backwards compatibility for older services as well, however back in the days of Windows 2000 security wasn’t well understood and mainly holes in older system were exploitable.

Exercise 3 - Validating Security Changes with OpenVAS

Once changes have been made to any system, it is vital that a recheck of the system is made in order to confirm that updates, patches and security configuration have taken place and are functioning correctly as expected.