About OpenVAS
OpenVAS stands for Open Vulnerability Assessment System and is a network security scanner with associated tools like a graphical user front-end. The core component is a server with a set of network vulnerability tests (NVTs) to detect security problems in remote systems and applications.
OpenVAS products are Free Software under GNU GPL and a fork of Nessus.
Status: (as of June 10th, 2009)
- The OpenVAS NVT Feed service offers more than 12,100 signed scripts.
- A small number of NVTs inherited from Nessus are still broken because they depend on a non-free component.
- The latest releases:
- openvas-libraries 2.0.3 (June 10th, 2009)
- openvas-client 2.0.4 (June 5th, 2009)
- openvas-server 2.0.2 (June 3rd, 2009)
- openvas-plugins 1.0.7 (May 28th, 2009)
- openvas-libnasl 2.0.1 (February 12th, 2009)
See also the Roadmap for upcoming changes and events.
Do you want to be the first to know about important OpenVAS developments? Consider subscribing to the OpenVAS-Announcement mailing list.
Project News
April 9th, 2009 - OpenVAS now beyond 10000 Network Vulnerability Tests
Passing the 10000th Network Vulnerability Test (NVT) is a perfect occasion to report about the progress of the OpenVAS project[1].
In October 2008 the systematic development of new NVTs started with a base of around 5800 Tests. With the release of OpenVAS 2.0 in December 2008, the development was boosted and has now reached an average of 10 code updates per day. The public OpenVAS NVT Feed Service delivers 3-10 new vulnerability tests every day.
December 17th, 2008 - OpenVAS 2.0.0 released
On December 17th, 2008, the OpenVAS developer team released OpenVAS 2.0.0 which marks the start of the next generation of the Open Vulnerability Assessment System for network security scanning.
December 5th, 2008 - OpenVAS 2.0-rc1 released
The OpenVAS developers are happy to announce the release of the 2.0-rc1 versions of openvas-libraries, openvas-libnasl, openvas-server and openvas-client.
This release is the first release candidate for the upcoming 2.0 release of OpenVAS. Unless serious bugs are discovered, this release candidate will become the final OpenVAS 2.0 release. Users are encouraged to test this release and to report bugs to the OpenVAS bug tracker located at http://bugs.openvas.org/ .
This release marks another milestone towards the improvement of the OpenVAS infrastructure; it uses the finalized version of OTP, the new OpenVAS Transport Protocol which debuted in 2.0-beta1 and has now completely replaced the old Nessus Transport Protocol (NTP).
November 14th, 2008 - OpenVAS and backtrack
As OpenVAS is not in Backtrack 3 by default (yet!). You can download lzm module or download remastered backtrack3 which includes OpenVAS lzm (it still fits on 700 Mb CD). It's good way of testing OpenVAS in case you want to try it out.
Older news can be found in the news archive.
Contact
The best way to contact the OpenVAS development team is to subscribe to the discussions mailing list or to contact the team in our Online Chat.
The OpenVAS web site and development platform is currently operated by:
Intevation GmbH
Neuer Graben 17
49074 Osnabrück
Germany
www.intevation.de
Authorized: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
Registered as: HR B 18998, Amtsgericht Osnabrück
VAT ID: de 204 854 484
E-Mail: info@intevation.de
Phone: +49 541 33508-30