In Chapter 1, Sharpening the Saw we set up OpenVAS for vulnerability scanning. Nmap does a great job of reporting ports and services but lacks the ability to scan for vulnerabilities. OpenVAS will find the vulnerabilities and produce a report of the systems. OpenVAS updates their vulnerability list weekly so it is best to update OpenVAS before running a scan. To do this on Kali, run the following commands from the terminal window:

root@kalibook : ~ #  OpenVAS-nvt-sync

This will run the vulnerability updates for OpenVAS. The first time you run it you will see the information in the following screenshot asking to migrate to using Rsync to update the vulnerabilities. Enter y and hit the Enter key. The update will start. The first time this is run, it will take quite a while, because it has to give you the entire list of plugins and tests available. In subsequent runs of the update command, it only adds the new or changed data, and is far faster:

Update command

You will also...