English | Deutsch
Home »

How to use ovaldi with SLAD

Starting with the 2-2.1 release, ovaldi support is available in SLAD. This means that SLAD is able to use OVAL definitions to identify security issues on the local systems. The ovaldi support in SLAD already includes a large number of OVAL definitions and requires no additional work beyond installing SLAD on the target host.

Important: In the current version, SLAD will not automatically update the included OVAL definitions. This means that the ovaldi integrated in SLAD will miss security threats that have been discovered since the last SLAD release. Due to this limitation, it is not yet recommended for production use.

Instructions

To use ovaldi with SLAD you have to install SLAD on the target system. The easiest way to do this is to use SLADinstaller; information on installing and using SLADinstaller is available here.

Once you have installed SLAD on the target machine, you can instruct the remote SLAD to run ovaldi by enabling the "Execute ovaldi for scanning OVAL described issues" option available in the preferences for the "SLAD run" NVT in OpenVAS-Client. This option is enabled by default. Execute the scan to start the SLAD run on the target machine.

After you have started the scan, you can use the NVT "SLAD fetch results" to retrieve the results of the scan. Be aware that ovaldi usually takes slightly more time to complete than other plugins, so the ovaldi results might not be available when you run "SLAD fetch results" for the first time. In this case, simply wait a moment for ovaldi to finish. You can retrieve the SLAD status by running additional scans with "SLAD fetch results" enabled.

The results of the ovaldi run will be displayed along with the results of the other SLAD plugins and other NVTs in OpenVAS-Client. If ovaldi was able to identify vulnerabilities on the target host, the output will look similar to this screenshot:

Results of an ovaldi scan using SLAD displayed in OpenVAS-Client