OpenVAS: Linux Local Security Checks

Basis of the procedure

For simplification, there is the possibility to use so-called automatically generated credentials.


After the save a debian package can be downloaded. If the package is installed on a target system, the required user is created automatically. Uninstalling the package deletes the user.



dpkg --install openvas-lsc-target-openvas1.deb
Vormals nicht ausgewähltes Paket openvas-lsc-target-openvas1 wird gewählt.
(Lese Datenbank ... 91170 Dateien und Verzeichnisse sind derzeit installiert.)
Vorbereitung zum Entpacken von openvas-lsc-target-openvas1.deb ...
Entpacken von openvas-lsc-target-openvas1 (0.5-1) ...
openvas-lsc-target-openvas1 (0.5-1) wird eingerichtet ...


dpkg --remove openvas-lsc-target-openvas1
(Lese Datenbank ... 91176 Dateien und Verzeichnisse sind derzeit installiert.)
Entfernen von openvas-lsc-target-openvas1 (0.5-1) ...
openvas1:x:1001:1001:OpenVAS Local Security Checks:/home/openvas1:/bin/bash

Check the file /etc/passwd to check the user entry

cat /etc/passwd | grep openvas1
openvas1:x:1001:1001:OpenVAS Local Security Checks:/home/openvas1:/bin/bash


Alternatively, a rpm file can be generated for other linux systems or an exe file for windows systems.

The credentials must be used in a target.



With the “SSH Authorization Check” NVT the successful ssh login can be checked.


Successful log in:



Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s