Configuring Network Scanning
Acunetix can be configured to use OpenVAS to perform network scans of the Targets configured in Acunetix. When Acunetix detects a network vulnerability, it will submit the vulnerability to your OpenVAS system.
It allows the network engineering team to obtain visibility of these detected network issues by having them integrated into the rest of their network issue workflow in a single centralized location, avoiding the disjointed communications and confusion typically encountered when team members use unmanaged channels such as email, chat, and stand-alone documents for these purposes.
Network Scanning looks for many different network vulnerabilities, including:
- open ports and exposed services such as FTP, SSH, database servers, etc.; these are common configuration issues that lead to major data breaches, especially if coupled with weak passwords
- missing security patches for your network devices, web servers, or operating systems; missing patches or late patching may expose your infrastructure to dangerous attacks, on any operating system you infrastructure may be running
- insecure, outdated, or reverse-engineered SSL/TLS ciphers
To enable Acunetix to connect to OpenVAS from the Acunetix Web Interface:
- Select "Network Scanner" from the sidebar
- Click the "Enable" button
- Set the "Address" field to the IP Address of the OpenVAS machine (or "127.0.0.1" if OpenVAS and Acunetix are on the same machine)
- Set the "Port" field to "9390" (if using the OMP protocol) or "22" (if using the SSH protocol)
- Set the "Username" field to "admin"
- Set the "Password" field to the password of the OpenVAS Administrator which was auto-created during the installation of your OpenVAS system
- Set the "Protocol" field to "OMP" or "SSH"
- Click the "Save" button
Installation of OpenVAS to allow Acunetix to use the Network Scanner is explained here.