openvas test results
-
I think they are applied and that openvas is being dumb.
-
The updates that openvas says are missing are actually installed.
and
-
Does anyone still have an OpenVAS scanner going?
-
I use mine every couple weeks. It is off right now
-
@momurda said in openvas test results:
I use mine every couple weeks. It is off right now
I'm asking because I don't have anything set up, and was curious if anyone could do a non-intrusive vunlerability scan against my VPSs, one on GCP and one on turnkeyinternet?
I'd like to compare the results...
-
If you give me ip and port i can setup and run a scan. It is incredibly slow here this week. I shouldnt even be in the office.
-
@momurda said in openvas test results:
If you give me ip and port i can setup and run a scan. It is incredibly slow here this week. I shouldnt even be in the office.
See what comes up just from that info.
-
Ok scanning now
edit: openvas tripped the IPS and got banned from all net activity for 20 minutes while scanning these sites, so it was working. -
@momurda said in openvas test results:
Ok scanning now
edit: openvas tripped the IPS and got banned from all net activity for 20 minutes while scanning these sites, so it was working.Okay, I will see about turning it off later today. I'll let you know. Thanks for trying.
-
@tim_g I meant my IPS. It has resumed scanning after the 20 minute ban.
-
@momurda said in openvas test results:
@tim_g I meant my IPS. It has resumed scanning after the 20 minute ban.
Ah I see
-
These scans take about 50x as long over the internet as internally, even over a Gb WAN connection.
Do you want me to post results here as screenies or do you want a pdf pm to you? -
@momurda said in openvas test results:
These scans take about 50x as long over the internet as internally, even over a Gb WAN connection.
Do you want me to post results here as screenies or do you want a pdf pm to you?Don't publicly post them!
-
@momurda said in openvas test results:
These scans take about 50x as long over the internet as internally, even over a Gb WAN connection.
Do you want me to post results here as screenies or do you want a pdf pm to you?It depends on the results.
If it's just saying "hey these are the open ports", public is fine. I can already tell you SSH, Cockpit, Salt, and MC ports are open on the one VPS... as they should be.
If it gets deep into things that are a real vulnerability, that are fixable, then I'd rather keep private until I can fix them... then I or you can post them publicly.
-
Ok you can decide, ill send them when done. One is at 98%, the other 16%.
So far i have had to lower QoD to 0 and include Log and FP to get anything to show on results page.