[Openvas-devel] Network Inventory via OpenVAS

Chandrashekhar B bchandra at secpod.com
Wed Feb 11 08:34:00 CET 2009


-----Original Message-----
From: openvas-devel-bounces at wald.intevation.org
[mailto:openvas-devel-bounces at wald.intevation.org] On Behalf Of Jan-Oliver
Wagner
Sent: Tuesday, February 10, 2009 4:53 AM
To: openvas-devel at wald.intevation.org
Subject: [Openvas-devel] Network Inventory via OpenVAS

> Hi,

> I'd like to have OpenVAS be able to collect a network inventory and report
> it. Actually, sort of a network inventory happens anyway during a scan, so

> this is a natural consequence I guess.

> Real nice summaries for the network appear to be a problem as it is
> scanning per host.

> So, I see a couple of questions from which a discussion might
> end up with a good plan for a helpful inventory:

> * Would it be possible or sensible to allow for a server side method
>   to aggregate network data?
> * Or would it be easier / more consistent to do an aggregation in the 
> client?

Client side would be good for report aggregation as it would be just an
extension to the client and won't interfere with the server. Gathering
information is anyway server's job but, how it is presented should be the
client's work. This would mean, we need to have a method to fetch all KB
items set. 

> * Does nmap already the job and should be used directly?

NMAP can do to an extent: host, port, and remotely accessible services.
Inventory would ideally be exhaustive information and lot of that
information has to be fetched through local checks. 

> * Do standard network inventory specifications exists or at least some 
> common  
>   practice?


Thanks,
Chandra.



More information about the Openvas-devel mailing list