Introduction

Regular vulnerability scanning lets you find exposed services, weak configurations and missing patches before an attacker does. This guide covers OpenVAS (the scanner in Greenbone Community Edition) for full vulnerability assessment and Nmap for quick, scriptable port and service checks, applied to a single VPS.

1. Install OpenVAS (Greenbone Community Edition)

Follow the official Greenbone installation instructions for your distribution. The gvm metapackage with the gvm-setup and gvm-start helper scripts (sudo apt install gvm, then sudo gvm-setup) is what Kali Linux ships; other distributions package the components separately, and Greenbone's own guide covers a source build and a Docker Compose deployment. gvm-setup creates the admin user and prints its generated password once, so record it.

2. Update Vulnerability Feeds

Run sudo greenbone-nvt-sync (vulnerability tests), sudo greenbone-scapdata-sync (CPE and CVE data) and sudo greenbone-certdata-sync (CERT advisories) before the first scan and then on a regular schedule; recent releases replace the three scripts with a single greenbone-feed-sync. The first sync downloads the complete feed, and the scanner is not usable until gvmd has finished loading it, which can take a long time.

3. Start OpenVAS Services

Run sudo gvm-start, then open https://localhost:9392 and log in as admin with the password set during setup (on Kali, sudo gvm-check-setup diagnoses a failed start). The web interface listens on localhost by default; reach it over an SSH tunnel (ssh -L 9392:localhost:9392 user@scanner) rather than binding it to a public address.

4. Create a Scan Target

Under Configuration > Targets add your VPS IP address and choose a port list that covers the TCP and UDP ranges your services use (the default list is TCP only). Then create a Task under Scans > Tasks that pairs the target with the Full and Fast scan config.

5. Run a Vulnerability Scan

Start the task; a Full and Fast run against a single host takes from tens of minutes to several hours depending on the port list and the number of open services. In the report, sort by severity and work through the highest-severity findings first, checking each result's Quality of Detection (QoD): a low QoD means the finding is inferred from a version banner rather than confirmed by a test.

6. Remediation Based on Findings

Apply missing package updates, replace weak or default credentials, and disable or remove services the VPS does not need. Re-scan afterwards to confirm each finding is gone rather than just marking it resolved.

7. Nmap Basic Scan

sudo nmap -sV -sC -O -oA vps-baseline your_vps_ip: service version detection, the default NSE scripts, and OS detection, with output saved in all three formats (-O needs raw-socket privileges, so run it as root). Add -Pn if the VPS firewall drops ping probes, otherwise Nmap may report the host as down, and -p- to cover all 65535 TCP ports instead of the default top 1000.

8. Nmap Vulnerability Scripts

nmap -sV --script vuln your_vps_ip runs the NSE scripts in the vuln category. Most of them match detected service versions against known CVEs, which is why -sV is needed; a few send active probes. Treat hits as leads to confirm by hand, and do not read an empty result as proof of safety: the category only covers vulnerabilities for which a script exists.

9. Schedule Weekly Scans

Use cron (for example a weekly nmap job that saves output with -oA and compares it with last week's run using ndiff) or Greenbone's built-in scheduler (Configuration > Schedules, attached to the task). The value of a weekly scan is the difference from the previous one: a newly open port is the finding.
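A weekly Nmap job with a change report, covering steps 7 to 9 above, as an added example that is not from the original page. It assumes nmap is installed on the scanning host, that the snapshot directory (SCAN_DIR, defaulting to /var/lib/vpsscan, an assumed path) is writable, and that the target is a single IPv4 address; the --demo mode runs the comparison on two constructed -oG snapshots so the logic can be tried without scanning anything.

```shell
#!/bin/sh
# weekly-scan.sh (added example, not from the original page)
# Runs an nmap service scan of one VPS, keeps the grepable (-oG) output as a
# dated snapshot, and reports ports that opened or closed since the last run.
# Usage:  sh weekly-scan.sh 203.0.113.10      (real scan; needs nmap)
#         sh weekly-scan.sh --demo            (offline run on constructed data)
# Assumptions: SCAN_DIR is writable and the target is a single IPv4 address.

LC_ALL=C; export LC_ALL                      # stable sort order for comm(1)
SCAN_DIR="${SCAN_DIR:-/var/lib/vpsscan}"     # assumed snapshot directory

# Print "port/proto service" for every open port in an nmap -oG file, sorted.
# A -oG port entry is port/state/proto/owner/service/rpcinfo/version/ and
# entries are separated by ", " on the "Host: ... Ports: ..." line.
open_ports() {
    grep '^Host:.*Ports:' "$1" \
      | sed 's/.*Ports: //' \
      | tr ',' '\n' \
      | awk -F/ '$2 == "open" { sub(/^ +/, "", $1); print $1 "/" $3 " " $5 }' \
      | sort
}

# Print "+ port" for ports open now but not before, "- port" for the reverse.
port_diff() {
    old=$(mktemp); new=$(mktemp)
    open_ports "$1" > "$old"
    open_ports "$2" > "$new"
    comm -13 "$old" "$new" | sed 's/^/+ /'
    comm -23 "$old" "$new" | sed 's/^/- /'
    rm -f "$old" "$new"
}

# Scan one target, store today's snapshot, and diff it against the newest
# earlier snapshot. -Pn skips host discovery (VPS firewalls often drop ICMP);
# --max-rate caps the probe rate so the scan does not load the host.
run_scan() {
    mkdir -p "$SCAN_DIR"
    today="$SCAN_DIR/$(date +%F).gnmap"
    nmap -Pn -sV --max-rate 200 -oG "$today" "$1" > /dev/null
    prev=$(ls "$SCAN_DIR"/*.gnmap 2>/dev/null | grep -v "$today" | sort | tail -n 1)
    if [ -n "$prev" ]; then
        port_diff "$prev" "$today"
    else
        open_ports "$today"        # first run: print the baseline instead
    fi
}

# Offline demonstration on two constructed -oG snapshots (not real scan output):
# last week 22 and 80 were open; this week 80 is gone and 443 and 3306 appeared.
demo() {
    d=$(mktemp -d)
    printf 'Host: 203.0.113.10 ()\tPorts: 22/open/tcp//ssh//OpenSSH 8.9p1//, 80/open/tcp//http//nginx 1.18.0//\tIgnored State: 998 closed ports\n' > "$d/last.gnmap"
    printf 'Host: 203.0.113.10 ()\tPorts: 22/open/tcp//ssh//OpenSSH 8.9p1//, 443/open/tcp//https//nginx 1.18.0//, 3306/open/tcp//mysql//MySQL 8.0//, 8080/filtered/tcp//http-proxy///\n' > "$d/now.gnmap"
    port_diff "$d/last.gnmap" "$d/now.gnmap"
    rm -rf "$d"
}

case "${1:-}" in
    --demo) demo ;;
    "")     ;;                 # no target given: only define the functions
    *)      run_scan "$1" ;;
esac
```

Install it with a cron line such as 0 3 * * 1 /usr/local/bin/weekly-scan.sh 203.0.113.10 | mail -s "weekly scan" you@example.com (an assumed address) so that an unexpected "+ 3306/tcp mysql" arrives in your inbox the morning after it appears. The comparison is on port, protocol and service name only, so a version upgrade does not produce noise; keep the dated .gnmap files, since they are the evidence of what was exposed when.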

10. Scanning from an External VPS

Run scans from a separate VPS on a different provider or network to see what an external attacker sees; a scan from inside the same private network, or from an allow-listed address, shows more than the public internet can reach. Check the hosting provider's acceptable-use policy first: some providers restrict scanning or require notice before you scan hosts in their network, even your own.

11. PCI DSS Compliance Scanning

PCI DSS requires external vulnerability scans at least every three months, and those must be run by an Approved Scanning Vendor (ASV); OpenVAS is not an ASV, so it cannot satisfy that requirement on its own. It does cover the internal quarterly scans, and running it against your external IPs before the ASV scan lets you fix findings in advance instead of failing the paid scan.

12. Authenticated Scans

Create a dedicated unprivileged SSH user on the VPS with a key pair used only by the scanner, store the key under Configuration > Credentials in Greenbone, and attach it to the target. The local security checks then read installed package versions and configuration files directly, which finds missing patches and weak settings that are invisible from the network; remove the user and key when the scanner is retired.

13. False Positive Management

Verify each suspected false positive by hand (for example, confirm that the distribution has backported the fix to the installed package version), then record an Override in Greenbone that sets the result's severity to False Positive for that host and test, with a note explaining why. Overrides apply to future reports, so the noise does not return on the next run.

14. Scan Reports for Auditors

Export reports as PDF or HTML to show auditors the scan dates, scope, findings and remediation status. Keep the XML export as well, so results can be re-imported or compared later.

15. Continuous Scanning with OpenVAS

Attach a Schedule to the task and an Alert (Configuration > Alerts) with the Email method that sends the report when the task finishes. An Alert can be conditioned on severity, so routine clean runs stay quiet and only runs with new high-severity results reach your inbox.

16. Scanning Docker Containers

A network scan of the host sees only published ports, not what is inside the images. Use Trivy to scan images for vulnerable packages (trivy image --severity HIGH,CRITICAL name:tag) and Docker Bench for Security to check the Docker host and daemon configuration against the CIS Docker Benchmark.

17. Web Application Scanning

Use OWASP ZAP or Nikto for web-application checks (injection, missing security headers, default and backup files) in addition to OpenVAS, which focuses on network services and known CVEs. Run active ZAP scans against a staging copy where possible, since they submit forms and can modify data.

18. Limiting Scan Impact

Aggressive scans can spike CPU, fill logs and trip rate limits. Schedule them off-peak, lower Nmap's timing template (-T2) or cap its probe rate with --max-rate, and in Greenbone reduce the task's "Maximum concurrently executed NVTs per host" setting.

19. Firewall Configuration for Scanning

Allow the scanning VPS's IP through the target's firewall and exempt it in fail2ban or any intrusion prevention system; otherwise the scanner is blocked or banned partway through and the report shows a false picture. Scope the allowance to that single address, and remember that a scan from an allow-listed source no longer represents the external attacker view of step 10.

20. Remediation Tracking

Log every finding with host, severity, owner and due date in a ticketing system, and close a ticket only after a rescan confirms the fix.

Conclusion

Run a full OpenVAS scan at least monthly and a quick Nmap check weekly, compare each run with the previous one so that new exposures stand out, and act on the highest-severity findings immediately.