In this article, we will discuss the overview of the Open Vulnerability Assessment System (Open VAS) and will also cover its working, and its features, and finally conclude with Categories of Open VAS architecture. Let’s discuss it one by one.
Overview :
Open Vulnerability Assessment System (OpenVAS) is free software that provides various services and tools for vulnerability assessment. Vulnerability refers to a weakness or flaw in a system. If a system is vulnerable, it can face threats to the user identity and data. It is always advisable to assess the vulnerability of the system. Vulnerability assessment is a process that can identify, enumerate, and rank the vulnerabilities present in a system or network in order to patch them. Basically, it is concerned with the security of the system resources.
Working on a vulnerability assessment tool works :
A vulnerability assessment tool works in the following way as follows.
- Classifies the system resources.
- Allocates the enumerable values to the classified resources.
- Detects the possible threats (vulnerabilities) in each resource.
- Eliminates the vulnerabilities on a priority basis.
Features :
- It allows an attacker to cause undesirable operations or gain unauthorized access.
- Open VAS is a framework that is licensed under the GNU General Public License (GNU GPL).
- It is based on a client-server architecture that works on the basis of OpenVAS Transfer Protocol (OTP), Open VAS Management Protocol (OMP), and Open VAS Administrative Protocol (OAP).
Categories of Open VAS architecture :
Open VAS architecture has the following categories as follows.
-
Clients –
Open VAS CLI and Green-bone Security Assistant (GSA) are interfaces available for clients.|
-
Services –
Open VAS Scanner and Open VAS Manager are services that actually perform the tasks of scanning the host machine on the network for Network Vulnerability Tests (NVTs).
-
Data –
NVTs results and configs are data used in the process of scanning the host machine.