I’m seeking guidance on configuring OpenVAS to effectively detect server misconfigurations. Could someone please advise me on the settings or scan configurations I should enable for this purpose?
In general, configurations are only going to be visible by scanning a system’s host attack surface. To do that, you need to conduct an authenticated scan, to log into the system and scan the OS and internal applications. To do this:
- Create user with a credential on your target system. This could use a
username + public/private keypair, orusername + password - Create a credential in for Greenbone. Go to the Credentials page and create a new credential. Add the appropriate authentication information that you used to configure the target in step 1.
- Create a scan task using the
Advanced task wizardand add the credential to it. - Start the scan to conduct an authenticated scan.
To adjust the scan task’s configuration, you need to create a custom scan configuration by cloning the Full and Fast scan config and then you can edit it with the settings you like.
Please refer to the GSA documentation.
I hope that helps.
Please do note that:
- “Server Misconfigurations” is a quite broad term and could be anything
- the main scope of the Greenbone product lines is vulnerability scanning for “known vulnerabilities (e.g. in form of CVEs) of known (software) products”
Generally a “Full and Fast” is the scan config you can use for general scanning and no additional configuration / setting is usually required. If that what you are looking for is currently supported / covered it should be found via such a scan.