creator/Anthropic-Cybersecurity-Skills
1
0
Fork 0
mirror of https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git synced 2026-06-13 14:44:58 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
d5f3fa32486ea335db802d68fe2147fa2da69583
Anthropic-Cybersecurity-Skills/skills/performing-authenticated-scan-with-openvas/assets/template.md
T

2.3 KiB
Raw Blame History

OpenVAS Authenticated Scan - Configuration Template

Scan Service Account Requirements

Linux SSH Scan Account

# Create dedicated scan user on target hosts
sudo useradd -r -s /bin/bash -m -c "OpenVAS Scan Account" openvas_scan
sudo usermod -aG sudo openvas_scan  # Or grant specific sudoers entries

# Minimal sudoers entry for authenticated scanning
# /etc/sudoers.d/openvas_scan
openvas_scan ALL=(ALL) NOPASSWD: /usr/bin/dpkg -l
openvas_scan ALL=(ALL) NOPASSWD: /usr/bin/rpm -qa
openvas_scan ALL=(ALL) NOPASSWD: /bin/cat /etc/shadow
openvas_scan ALL=(ALL) NOPASSWD: /usr/sbin/dmidecode
openvas_scan ALL=(ALL) NOPASSWD: /sbin/ip addr

Windows SMB Scan Account

Domain: CORP
Account: svc_openvas_scan
Groups: Domain Users, Local Administrators (on targets)
Password Policy: 32+ character randomly generated
Account Type: Service account (no interactive login)
Logon Hours: Restricted to scan window (e.g., Sunday 2-6 AM)

Target Group Definitions

Target Group Hosts Credential Type Scan Schedule
Linux Production 10.1.0.0/24 SSH Key Weekly Sunday 2 AM
Linux Development 10.2.0.0/24 SSH Key Monthly 1st Sunday
Windows Servers 10.1.1.0/24 SMB Domain Weekly Sunday 3 AM
Windows Workstations 10.3.0.0/16 SMB Domain Monthly 1st Sunday
ESXi Hosts 10.1.2.10-20 ESXi Root Monthly 1st Sunday

Scan Configuration Selection Guide

Scenario Recommended Config Max Concurrent NVTs Notes
Production (low impact) Full and fast 4 Safe checks only
Staging/QA Full and deep 10 May trigger IDS alerts
PCI Compliance Full and fast + PCI NVTs 4 Map findings to PCI requirements
Post-Patch Validation System Discovery + targeted 20 Quick verification scan

Pre-Scan Checklist

  • Feed synchronization completed within last 24 hours
  • Scan credentials tested and verified on sample hosts
  • Change management ticket approved for scan window
  • IDS/IPS exceptions configured for scanner IP
  • Notification sent to system owners about scan window
  • Previous scan results archived
  • Sufficient disk space for report storage (>10GB)
  • Scanner system health verified (CPU, memory, disk)
Reference in New Issue View Git Blame Copy Permalink