[Openvas-discuss] DSS PCI NVT family missing

Thijs Stuurman Thijs.Stuurman at internedservices.nl
Thu Aug 24 11:16:42 CEST 2017


I was checking my scan configs about those ports. You indeed want to include all the ports and also scan IP’s which do not reply to pings. (do not skip any IP for any reason, just scan everything).


Thijs Stuurman
Security Operations Center | KPN Internedservices
thijs.stuurman at internedservices.nl<mailto:thijs.stuurman at internedservices.nl> | thijs.stuurman at kpn.com<mailto:thijs.stuurman at kpn.com>
T: +31(0)299476185 | M: +31(0)624366778
PGP Key-ID: 0x16ADC048 (https://pgp.surfnet.nl/)
Fingerprint: 2EDB 9B42 D6E8 7D4B 6E02 8BE5 6D46 8007 16AD C048

W: https://www.internedservices.nl<https://www.internedservices.nl/> | L: http://nl.linkedin.com/in/thijsstuurman

Van: eero.t.volotinen at gmail.com [mailto:eero.t.volotinen at gmail.com] Namens Eero Volotinen
Verzonden: donderdag 24 augustus 2017 11:15
Aan: Thijs Stuurman <Thijs.Stuurman at internedservices.nl>
CC: Ahmad Al-Talafha <Ahmad.Al-Talafha at sts.com.jo>; openvas-discuss at wald.intevation.org
Onderwerp: Re: [Openvas-discuss] DSS PCI NVT family missing

OpenVAS works fine for PCI internal scanning as long as parameters are correct and you really know how to use product.

Full and fast does not include all tcp ports, if I remember correctly.

--
Eero

2017-08-24 12:10 GMT+03:00 Thijs Stuurman <Thijs.Stuurman at internedservices.nl<mailto:Thijs.Stuurman at internedservices.nl>>:
I suppose the default scan config “Full and fast” would suffice.
Personally I do not use OpenVAS for PCI environments and opted for a Nessus VM which has a PCI internal vulnerability scan option.
The only reason for that is because the PCI auditors (and our customers) know and trust Nessus and it clearly shows it is a PCI internal scan which was performed.
It just makes the audits easier.

If in any doubt, contact your PCI auditor to verify what he thinks is acceptable.



Thijs Stuurman
Security Operations Center | KPN Internedservices
thijs.stuurman at internedservices.nl<mailto:thijs.stuurman at internedservices.nl> | thijs.stuurman at kpn.com<mailto:thijs.stuurman at kpn.com>
T: +31(0)299476185<tel:+31%20299%20476%20185> | M: +31(0)624366778<tel:+31%206%2024366778>
PGP Key-ID: 0x16ADC048 (https://pgp.surfnet.nl/)
Fingerprint: 2EDB 9B42 D6E8 7D4B 6E02 8BE5 6D46 8007 16AD C048

W: https://www.internedservices.nl<https://www.internedservices.nl/> | L: http://nl.linkedin.com/in/thijsstuurman

Van: Openvas-discuss [mailto:openvas-discuss-bounces at wald.intevation.org<mailto:openvas-discuss-bounces at wald.intevation.org>] Namens Ahmad Al-Talafha
Verzonden: donderdag 24 augustus 2017 11:02
Aan: Eero Volotinen <eero.volotinen at iki.fi<mailto:eero.volotinen at iki.fi>>
CC: openvas-discuss at wald.intevation.org<mailto:openvas-discuss at wald.intevation.org>
Onderwerp: Re: [Openvas-discuss] DSS PCI NVT family missing

Hi Eero,

Please can you tell me in this case which NVT family to choose, and how I can check if all plugins are enabled


Best Regards,

Ahmad Al Talafha




From: eero.t.volotinen at gmail.com<mailto:eero.t.volotinen at gmail.com> [mailto:eero.t.volotinen at gmail.com] On Behalf Of Eero Volotinen
Sent: Thursday, August 24, 2017 10:32 AM
To: Ahmad Al-Talafha <Ahmad.Al-Talafha at sts.com.jo<mailto:Ahmad.Al-Talafha at sts.com.jo>>
Cc: openvas-discuss at wald.intevation.org<mailto:openvas-discuss at wald.intevation.org>
Subject: Re: [Openvas-discuss] DSS PCI NVT family missing

There is no such as PCI family in openvas. For internal PCI scanning you need to enable all plugins and scan all tcp ports.
Eero

2017-08-24 10:07 GMT+03:00 Ahmad Al-Talafha <Ahmad.Al-Talafha at sts.com.jo<mailto:Ahmad.Al-Talafha at sts.com.jo>>:
Dears,

Hope this mail finds you well

I am using openvas Version 7.0.2, and I am trying to run a PCI compliance scan but I cant find PCI family in the NVTs.

My NVTs status shows “Too old (14 days) - Please check the automatic synchronization of your system”

Please advise on this case, what I am missing


Best Regards,

Ahmad Al Talafha




_______________________________________________
Openvas-discuss mailing list
Openvas-discuss at wald.intevation.org<mailto:Openvas-discuss at wald.intevation.org>
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20170824/31863dcc/attachment.html>


More information about the Openvas-discuss mailing list