Davoud Teimouri

At the first part, we’ve reviewed GSM (Greenbone Security Manager – Formerly OpenVAS) as a security manager or assessment tool for discovering vulnerabilities on virtual environments, the second part was more functional and we talked more about GSM. You leaned that how can you create a target on Greenboone Security Manager and scan it to discover vulnerabilities.

As I said at the end of second part of the blog post, the third part is related to resolving security issues. Any software and specially operating systems have “Hardening Guide”. You must follow steps of hardening guide to reduce security vulnerabilities effect on production environments.

690 total views, 1 views today

We have reviewed reasons of have Vulnerability Assessment or Vulnerability Manager in virtual environments and how these software help us to find vulnerabilities on any component of virtual infrastructure. We have reviewed OpenVAS or Greenbone Security Manager and talked about features and abilities.

Now, it’s time to use the GSM server that we had prepared on the previous part. In this part of blog post, we’ll configure a target (ESXi Server) on OpenVAS server, create a task for scan and find the result of scan.

I’ve installed ESXi 6U1 (3029758) on a virtual machine and there is no customized configuration, all configurations are default.

1,094 total views, 2 views today

In virtual environments, any vulnerability has affect on virtual infrastructure and those who get the service including internal and external services. So at least, any organization should have process to identifying vulnerabilities. Identifying vulnerabilities needs tools in IT infrastructure to scan devices, operating systems and applications and find vulnerabilities (Especially security vulnerabilities).

1,308 total views, 1 views today