OpenVAS (Open Source Vulnerability Scanner)
This mod I’m teaching the last class, a capstone if you will, in the Network Security series. We had a discussion a few weeks earlier about vulnerability scanners and Nessus was one my examples. I had a few students and faculty inquire about whether Nessus would be a worthwhile purchase. I said that it depends on a lot of factors and I wouldn’t be able to make that decision. But if they wanted to try a Nessus “like” program for free to checkout OpenVAS.
I had only learned about OpenVAS a few weeks ago when I was doing research on current trends for my lecture. From the About page it’s a fork of Nessus before it went closed-source. I imagine it’s like Nessus in the way CentOS is to RedHat.
It’s on my long list of programs to try but I would suggest anyone with a lab setup to give it a shot. I don’t know the quality of the program but I know from experience sometimes the open-source fork’s can be as good or better then the original product.
If you are using OpenVAS or have tried it, I would really like to get your feedback on it. It seems fairly new so I wasn’t able to find much about it. Please post in the comments if you have experience with Nessus and OpenVAS well enought to give a comparison.
