 |  |  | Choose Location of Scan-Server |
Choose Location of Scan-Server
If you are planning to use the OpenVAS security scanner in your network, the
best location for the machine running the server module depends on the targets
you want to evaluate:
- Target is a public server:
Several tests do follow the very same path
as various attacks do: from a remote network.
If you are only interested in these tests,
you may use a arbitrary location of your OpenVAS
server outside of the targeted network.
However, you are advised to contact the
administration of the target systems beforehand and inform them that you
are planning on running OpenVAS against their machines.
Because OpenVAS will actively look for vulnerabilities on the target
system, a scan will under certain circumstances look like a real attack on
the target system and might be acted upon legally and/or technically by
the administration of the system in question.
- Targets are intranet desktops and servers:
In this case you should directly coordinate with
your system administration.
Depending on the complexity of the intranet, you
may need to find out how to reach specific subnets
from your OpenVAS Server installation. In some cases
it might be an option to install several OpenVAS Servers.
For local security checks you need to prepare the target systems
for remote access. For unixoid systems this is usually via ssh connections,
for Windows it is about SMB shares.
| | | Choose Location of Scan-Server |