[Openvas-discuss] Why is OpenVAS is missing obvious open ports?

Stefan Schwarz Stefan.Schwarz at unibw.de
Fri Aug 3 16:05:58 CEST 2012


Am 03.08.2012 15:43, schrieb Whit Blauvelt:
> On Fri, Aug 03, 2012 at 09:30:51AM -0400, Whit Blauvelt wrote:
>> On Fri, Aug 03, 2012 at 03:01:15PM +0200, Henri Doreau wrote:
>>
>>> do you have nmap installed on the scanner box? Although nmap is not a
>>> hard requirement for OpenVAS, the scanner is able to leverage it and
>>> this can dramatically improve accuracy of the network exploration
>>> phase.
>>
>> Thanks for the suggestion.
>>
>> The Atom process resulted in nmap 5.51 being installed. Does OpenVAS require
>> special configuration to use it?
>
> By comparison nmap has no trouble seeing the open ports in the remote range
> when run from that same VM. Here's just one IP per "nmap -T4 -F":
>
>    Host is up (0.025s latency).
>    Not shown: 90 closed ports
>    PORT     STATE    SERVICE
>    22/tcp   open     ssh
>    53/tcp   open     domain
>    80/tcp   open     http
>    111/tcp  filtered rpcbind
>    113/tcp  filtered auth
>    135/tcp  filtered msrpc
>    139/tcp  filtered netbios-ssn
>    443/tcp  open     https
>    445/tcp  filtered microsoft-ds
>    3306/tcp filtered mysql
>
> So if OpenVAS is trying to leverage nmap results, that's failing.

At a first glance forget about filtered states. So OpenVAS should be 
able to detect your 4 open ports. Take a look at the Log-level on the 
generated reports, there should be at least a scan and host summary with 
detected open ports.

	Stefan

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4937 bytes
Desc: S/MIME Kryptografische Unterschrift
URL: <http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20120803/22c9c69c/attachment.p7s>


More information about the Openvas-discuss mailing list