Skip to main content
  1. Posts/

Exploring Vulnerabilities: A Hands-On Assessment with OpenVAS(GVM)

·408 words·2 mins· loading · loading · ·
Case Study Security Vulnerability Management Network Security Penetration Testing Cybersecurity Vulnerability Assessment OpenVAS Kali Linux Network Security Penetration Testing Threat Intelligence
kelvin kiplagat
Author
kelvin kiplagat
Cyber Security Analyst | Threat intelligence analyst | Linux administrator | Information Security | IT Risk & Governance | IT Service management | Incident management

#

Exploring Vulnerabilities: A Hands-On Assessment with OpenVAS(GVM)
#

Introduction

In today’s ever-evolving cybersecurity landscape, identifying and mitigating vulnerabilities is a vital practice. In this case study, I explore the vulnerability assessment of CyberTech Solutions’ network using OpenVAS on Kali Linux. By conducting a comprehensive scan, analyzing results, and recommending remediations, this exercise demonstrates the importance of proactive measures in securing IT infrastructure.

Setup and Installation

To carry out this assessment, I installed and configured OpenVAS on a Kali Linux system. OpenVAS, a powerful open-source vulnerability scanner, allows for detailed analysis of network security.

Steps to Install OpenVAS:

  1. Install OpenVAS:

sudo apt update && sudo apt install -y openvas

  1. Set up OpenVAS:

sudo gvm-setup

  1. Start the service:

sudo gvm-start

  1. Access the Web Interface: Navigate to https://<your-ip>:9392 and log in using the credentials set during the setup.

These steps ensure a ready-to-use environment for scanning. For an enhanced experience, screenshots of the installation process are included.

Scanning Process

Once OpenVAS was configured, I created a scanning task to assess CyberTech Solutions’ network, targeting the IP address 10.6.6.12. The steps included:

  1. Configuring the Target:
  • Added 10.6.6.12 as a new target under Configuration > Targets.
  • Selected “Full and Fast” as the scan configuration for efficiency and coverage.

2. Running the Scan:

Created a new task under Scans > Tasks, linked it to the target, and started the scan.

Monitored the progress and reviewed results upon completion.

Findings

The scan yielded two low-severity vulnerabilities. Here are the details:

Detailed Analysis

  • TCP Timestamps Information Disclosure
  • Impact: The remote host implements TCP timestamps, which can disclose uptime information.
  • Mitigation: Add the following to /etc/sysctl.conf and apply it:net.ipv4.tcp_timestamps = 0sudo sysctl -p
  • ICMP Timestamp Reply Information Disclosure
  • Impact: ICMP timestamp replies could be exploited in timing attacks.
  • Mitigation: Configure the firewall to block ICMP packets from untrusted networks.

Analysis and Prioritization

Although both vulnerabilities were rated low, they could be leveraged in larger attacks. Prioritizing these issues ensures a stronger security posture:

  1. Disable TCP timestamps to reduce information leakage.
  2. Restrict ICMP packets using firewalls for an additional layer of defense.

Conclusion

This vulnerability assessment highlights the value of tools like OpenVAS in identifying and mitigating risks. Regular scans and proactive remediation are essential to maintaining a secure network. By addressing even low-severity issues, organizations can reduce their attack surface and improve resilience against potential threats. ::: ::: ::: :::

By Kiplagatkelvin{.p-author .h-card} on January 8, 2025.

Canonical link{.p-canonical}

Exported from Medium on February 13, 2025.

Related

Secure Your Kali Linux with UFW: Uncomplicated Firewall Setup
·1473 words·7 mins· loading · loading
Cybersecurity Linux Security System Hardening Network Defense Kali Linux Firewall UFW Linux Security Network Security Cybersecurity System Hardening Penetration Testing
A step-by-step guide to configuring UFW (Uncomplicated Firewall) on Kali Linux to enhance security and protect against unauthorized access.
Wireshark Traffic Analysis
·3267 words·16 mins· loading · loading
Cybersecurity Network Forensics Penetration Testing Incident Response Wireshark Traffic Analysis Cybersecurity Packet Analysis Network Security Forensics Intrusion Detection Threat Hunting
A deep dive into analyzing network traffic using Wireshark for security monitoring, forensics, and threat detection.
Assessing the Risk Profile of CyberTech Solutions and Implementing a Security Policy
·1329 words·7 mins· loading · loading
Cybersecurity Risk Management Information Security IT Governance Cybersecurity Risk Assessment Security Policy Network Security Password Policy Incident Response Data Protection Employee Training
An in-depth assessment of CyberTech Solutions’ security risks and the development of a security policy to mitigate vulnerabilities, covering password policies, patch management, network security, data backup, and employee training.