Utility vulnerability scanners are specialized tools designed to identify security weaknesses in critical infrastructure sectors such as energy, water, transportation, and manufacturing. These systems are often highly interconnected and interdependent, using proprietary technologies and protocols that may not have been originally designed with security in mind. Additionally, many of these systems have been in use for decades and may be difficult or expensive to replace.
Utility vulnerability scanners play a crucial role in identifying potential vulnerabilities within these critical systems and providing guidance on how to remediate them. By doing so, they can help prevent cyber attacks that could cause significant damage to physical infrastructure, disrupt essential services, and even pose a threat to public safety. The use of utility vulnerability scanners is therefore critical for protecting critical infrastructure systems against cyber threats, ensuring business continuity, and safeguarding public safety.
Software
Multiple types of bundled software are available as a solution for this problem. However, OpenVAS stands out as the ideal choice since it meets all the necessary requirements for building a system that is fast, easy to use, and straightforward to manage.
Install and exploit
Before using the main utility update and upgrade your system :
sudo apt update -y && sudo apt dist-upgrade -y
You need to log in to Docker Hub. If so, follow these steps. Register on the website, fill all the needed fields and confirm mail that you will receive after registration:
Install virtualization software for starting container:
apt install docker.io
Press button for confirm installation process. Then you have to log in to Docker Pub via the console using the command:
docker login
Enter your login details and wait for Docker to confirm a successful login that provide access to container in repositories. Now we need to pull container from repositories:
docker pull mikesplain/openvas
Amount data of the file is quiet big, please be patient in process of downloading! After this run container with parameters:
docker run -d -p 443:443 --name openvas mikesplain/openvas
Retrieving the container from the docker registry and launching it will commence. Kindly note that Openvas startup may require a considerable amount of time as NVT's are scanned and databases reconstructed, hence please exercise patience. Upon sighting the message in the logs, you can proceed to access the web user interface by visiting https://localhost.
For login into the system use this credential:
Username: admin
Password: admin
For this software we need to install graphical shell Gnome:
apt install gnome-core
Reboot the server and login through the web console. You have to look at login panel and enter you credentials:
After this go to the application panel and choose needed browser to search URL:
Enter in the Search field URL:
https://localhost
Enter credentials which we consider above of this instruction. Now you have access to modern vulnerability scanner that can help build more secure system!
If you want to change password, at first you need stop container and then use command for change credentials:
docker stop $(docker ps -a -q)
docker run -d -p 443:443 -e OV_PASSWORD=securepassword41 --name openvas mikesplain/openvas
And write complicated password with letters, numbers and special symbols.
Conclusion
Utility vulnerability scanners are crucial in identifying potential security weaknesses in critical infrastructure systems such as energy, water, transportation, and manufacturing. They play a crucial role in preventing cyber attacks that could cause significant damage to physical infrastructure, disrupt essential services, and even pose a threat to public safety. OpenVAS is an ideal choice of software for building a system that is fast, easy to use, and straightforward to manage. By following the steps outlined in this instruction, one can easily install and exploit OpenVAS to secure their critical infrastructure systems against cyber threats. Additionally, it is recommended to change the default password to a more complicated one with letters, numbers, and special symbols for enhanced security.