About

OpenVAS
Constitution
OpenVAS-Server
OpenVAS-Client
OpenVAS NVT Feed

Information/Howtos

Integrated Tools
Related Tools
Sources For Security Issues
Creation Process For NVTs
Trusted NVTs
NVT Feeds
Performing Local Security Checks
Articles/Studies
OpenVAS Compendium (en)
OpenVAS Compendium (de)

Support

Team & Tasks

Bug Tracker

Mailinglist Discussion:
Archive | Subscribe
Mailinglist Announcements:
Archive | Subscribe

Online Chat

FAQ

Professional Services

Developers Corner

Development Platform
Code quality
Change requests
Internal Architecture
Assigning OIDs for NVTS
DevCon2
DevCon2 - Minutes
Code Documenation

Mailinglist Development:
Archive | Subscribe
Mailinglist Writing NVTs:
Archive | Subscribe
Mailinglist Packaging/Distributing:
Archive | Subscribe
Mailinglist Source Code Commits:
Archive | Subscribe

Download

OpenVAS 3.0:
openvas-libraries 3.0.4
openvas-scanner 3.0.1
openvas-client 3.0.0
Optional:
openvas-manager 1.0.0-beta5
openvas-administrator 0.7.0
gsa 1.0.0-beta5

OpenVAS 2.0:
Server components:
openvas-libraries 2.0.4
openvas-libnasl 2.0.2
openvas-server 2.0.3
openvas-plugins 1.0.7
Client:
openvas-client 2.0.5

Documentation:
OpenVAS Compendium 1.0.1
PDF (en)
PDF (de)

More downloads...

NVT Lookup by OID

(replace 61039 by any other old-style ID)

How to use ovaldi with SLAD

Starting with the 2-2.1 release, ovaldi support is available in SLAD. This means that SLAD is able to use OVAL definitions to identify security issues on the local systems. The ovaldi support in SLAD already includes a large number of OVAL definitions and requires no additional work beyond installing SLAD on the target host.

Important: In the current version, SLAD will not automatically update the included OVAL definitions. This means that the ovaldi integrated in SLAD will miss security threats that have been discovered since the last SLAD release. Due to this limitation, it is not yet recommended for production use.

Instructions

To use ovaldi with SLAD you have to install SLAD on the target system. The easiest way to do this is to use SLADinstaller; information on installing and using SLADinstaller is available here.

Once you have installed SLAD on the target machine, you can instruct the remote SLAD to run ovaldi by enabling the "Execute ovaldi for scanning OVAL described issues" option available in the preferences for the "SLAD run" NVT in OpenVAS-Client. This option is enabled by default. Execute the scan to start the SLAD run on the target machine.

After you have started the scan, you can use the NVT "SLAD fetch results" to retrieve the results of the scan. Be aware that ovaldi usually takes slightly more time to complete than other plugins, so the ovaldi results might not be available when you run "SLAD fetch results" for the first time. In this case, simply wait a moment for ovaldi to finish. You can retrieve the SLAD status by running additional scans with "SLAD fetch results" enabled.

The results of the ovaldi run will be displayed along with the results of the other SLAD plugins and other NVTs in OpenVAS-Client. If ovaldi was able to identify vulnerabilities on the target host, the output will look similar to this screenshot:

Results of an ovaldi scan using SLAD displayed in OpenVAS-Client