[Openvas-discuss] how to configure openvas

Stephen Villano stephen.p.villano at gmail.com
Fri Jan 6 04:57:49 CET 2012


OK, I've used ISS and Retina extensively over a handful of years.
ISS is like greased lightning and quite accurate. The old Retina was fast, then eEye switched to java and it moved along in a glacial fashion. One needed a LOT of tweaks to make it move at a reasonable rate, but was still far slower (and, initially loaded with false positives and clear misses of TRUE positives (though that was at a MASSIVELY lower rate).
This scanner is a lot new to me. Quite accurate, but being far more configurable, more initial labor intensive and STILL a lot slower than ISS.
THAT all said, one has a few things to consider, the least of which is, how much did you pay for openvas vs ISS?
How many MORE vulnerabilities have been introduced in the wild that have to be tested for and how many platforms does ISS test vs openvas?
THEN consider the number of platform agents currently available for the scanner, as opposed to scanning as a foreign platform probing. 
For us, we want speed, indeed, results of today delivered yesterday would be ideal. Malware authors, crackers, "hackers", etc have a LOT of time to do slow evaluations of systems and networks before moving on any detected vulnerabilities.

I WILL caveat that I tested the scanner on a virtual machine of low memory on one class C, with a dozen hosts on it. It sailed past "non-responding" IP's, but was a bit intensive on the detected hosts. 
Overall, I'd go with two choices for scanners at the same time:
ISS
Openvas.
I don't use ONE scanner and hope like hell the company did their job. 
Could openvas be faster? Perhaps, with some optimization and tuning. Is openvas thorough? Yep, as thorough as ISS, overall.
But, then one considers the number of platforms supported and tested by each, openvas wins.

On Jan 5, 2012, at 10:07 PM, Jaze Lee wrote:

> Hello,
>    as far as i know, i found openvas is less competitive than isscan 2.2.4, for when i scaned a subnet like 192.168.10.0/24, isscan can finish in several minutes, but openvas may use some hours. Does the default configure is not in place? If that, is there some manual can help me to configure openvas so that  openvas can run less slowly?
> 
> Best Regards
> Lee
> _______________________________________________
> Openvas-discuss mailing list
> Openvas-discuss at wald.intevation.org
> http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20120105/d61f7bad/attachment.html>


More information about the Openvas-discuss mailing list