A new open-source project called OpenVAS has emerged to take the place of Nessus, the popular vulnerability assessment system that closed its source a few years ago.
The first stable version of OpenVAS, which is a fork of Nessus 2.2, was released this week featuring a server, a client and an NVT (network vulnerability tests) feed.
Installation packages are available for OpenSUSE, Fedora, Mandrake, FreeBSD and Gentoo. Packages for Debian and Ubuntu are in the works, the group said. An OpenVAS-Client is available for Microsoft Windows.
The nitty gritty of the new project:
- OpenVAS Server -- This is a scanner that runs many network vulnerability tests against many target hosts and delivers the results. It uses a communication protocol to have client tools (graphical end-user or batched) connect to it, configure and execute a scan and finally receive the results for reporting. Tests are implemented in the form of plugins which need to be updated to cover recently identified security issues. The server consists of 4 modules: openvas-libraries, openvas-libnasl, openvas-server and openvas-plugins. All need to be installed for a fully functional server.
- OpenVAS-Client -- This is a terminal and GUI client application for both OpenVAS and Nessus. It implements the Nessus Transfer Protocol (NTP). The GUI is implemented using GTK+ 2.4 and allows for managing network vulnerability scan sessions. OpenVAS-Client is a successor of NessusClient 1.X.
- OpenVAS NVT Feed -- This is a public feed of Network Vulnerability Tests (NVTS). It contains only signed files and only the supported NVT families and their dependencies. This feed is configured as default for OpenVAS Server.
The OpenVAS development team plans to extend the range of the vulnerability tests for present and upcoming security issues, especially for those reported as CVEs, BIDs etc.