Provided by: openvas-client_2.0.5-1.1_amd64 
NAME
OpenVAS-Client - The client part of the OpenVAS Security Scanner
SYNOPSIS
OpenVAS-Client [-v] [-h] [-n] [-T <type>] [-q [-pPS] host port user password targets
results]
OpenVAS-Client -i in.nbe -o out.[html|xml|nbe]
DESCRIPTION
The OpenVAS Security Scanner is a security auditing tool made up of two parts: a server,
and a client. The server, openvasd is in charge of the attacks, whereas the client
OpenVAS-Client provides an interface to the user.
OpenVAS-Client is an X11 client based on GTK+2.
This man page explains how to use the client.
OPTIONS
-c <config-file>, --config-file=<config-file>
use another configuration file.
-n, --no-pixmaps
no pixmaps. This is handy if you are running OpenVAS-Client on a remote computer.
-q, --batch-mode
quiet mode or batch mode. Setting this option makes OpenVAS-Client expect all of
the following settings.
-p
obtain list of plugins installed on the server.
-P
obtain list of server and plugin preferences.
-S
issue SQL output for -p and -P (experimental).
· host
is the openvasd host to whom you will connect.
· port
is the port to which you will connect on the remote openvasd host.
· user
is the user name to use to connect to openvasd.
· password
is the password associated with this user name.
· targets
is the name of a file containing the target machines.
· results
is the name of the file where the results will be stored at the end of the
test.
-T <type>, --output-type=<type>"
Save the data as <type>, where <type> can be “nbe”, “html”, “html_graph”, “text”,
“xml”, “tex”
-V, --verbose
make the batch mode display status messages to the screen.
-x, --dont-check-ssl-cert
do not check SSL certificates.
-v, --version
shows version number and quits
-h, --help
lists the available options
The X11 interface
The OpenVAS-Client interface is divided in several panels:
· The “Openvasd host” section:
In this section, you must enter the openvasd host to whom you will connect, as well
as the port. You must also enter your openvasd user name and your password (not the
one of the system). Once you are done, you must click on the “Log in” button, which
will establish the connection to the openvasd host.
Once the connection is established, openvasd sends to the client the list of
attacks it will perform, as well as the default preferences to use.
· The “Target Selection” section:
· In this section, you are required to enter the primary target. A primary target
may be a single host (e.g. x.y.test), an IP (e.g. 192.168.1.1), a subnet (e.g.
192.168.1.1/24 or x.y.test), or a list of hosts, separated by commas (e.g.
192.168.1.1, 192.168.2.1/24, x.y.test, a.b.test).
· You can restrict the maximum number of hosts to test using the “Max Hosts” entry.
This is a feature that prevents you from scanning too many machines; or
accidentally scanning other machines. (For instance, if you only plan to test
x.y.info and a.b.info, you can safely set this entry to “2”).
· This panel also allows you to enable the “Perform a DNS zone transfer” option.
This option is dangerous and should be enabled with caution. For instance, if you
want to test www.x.test, then if this option is set, openvasd will attempt to get
the list of the hosts in the “x.test” domain.
This option may be dangerous. For instance, if you enable it and you ask to test
192.168.1.1/24, then openvasd will do a reverse lookup on every IP, and will
attempt a DNS zone transfer on every domain. That is, if 192.168.1.1 is www.x.test,
and 192.168.1.10 is mail.x.test, then a DNS zone transfer will be made on the
domains “x.test” and “test.x”.
· The “Plugins” section
Once you have successfully logged into the remote openvasd server, this section is
filed with the list of the attacks that the server will perform. This panel is
divided in two parts: the plugins families, and the plugins themselves. If you
click on the name of a plugin, then a dialog will appear, showing you which will be
the error message sent by the plugin if the attack is successful.
Report conversion
You can use OpenVAS-Client to do conversion between formats used for reports. OpenVAS can
take any NBE reports and change them into HTML, XML or NBE reports.
Please note that the XML report provides usually more information about the scan itself
NBE format do not include in the report.
Basically, XML is a merge between the .nbe reports and the .openvasrc configuration file.
You won't get extra verbosity or diagnosis info in the XML report, but you'll know which
plugins (and which version of these plugins) have been enabled during the scan.
For more information on the report formats please read the file nbe_file_format.txt
provided along with the documentation.
ENVIRONMENT VARIABLES
HOME The path to the user's home directory which will hold the client configuration
cache .openvasrc. The path is refered to as ~/, below.
OPENVASHOME
If this environment variable is set, this path is used instead of the path defined
by the HOME variable. This path is referred to as ~/, below.
% More examples should be included here (jfs)
EXAMPLES
To run a batch scan from a cron job and publish it in a given web space (
/var/www/html/openvas/ ) try the following:
OpenVAS-Client -c /root/openvas/openvas.rc -T html -qx localhost 9390 batch batch1
/root/openvas/target /var/www/html/openvas/results.html
Make sure that paranoia level is not set in your openvas.rc configuration file, otherwise
the scan will not work
FILES
~/.openvasrc
is the client configuration file, which contains the options about which openvasd
server to connect to, which plugins to activate, and so on. The file is created
automatically if it does not exist.
SEE ALSO
openvasclient-mkcert(1)
MORE INFORMATION ABOUT THE OPENVAS PROJECT
The canonical places where you will find more information about the OpenVAS project are:
http://www.openvas.org/
AUTHORS
Author of developments prior to the fork from NessusClient is Renaud Deraison
<deraison@cvs.nessus.org>.
Several other people have been kind enough to send patches and bug reports. Thanks to
them.