OpenVAS finds very few vulnerabilities compared to Nexpose
Posted: Fri Jan 16, 2015 5:04 am
Hi
We have installed the latest version of OpenVAS (version 7) on a Fedora (version 20) Linux machine and tried some 5-6 scans. Each scan found 3 vulnerabilities or less. (It found 3 instances of the same vulnerability which is "Source routed packets".)
Details of the scans:
No. of IPs scanned: 5 (4 Windows 7 machines and the Linux machine on which OpenVAS is installed; all machines are in the same subnet)
Port List: All IANA assigned TCP and UDP 2012-02-10, All TCP, OpenVAS Default
Discovery config: Consider Alive
Scan config: Full and very deep ultimate
Type: Unauthenticated (no credentials provided)
NVTs: Up to date
Even the OS fingerprinting was wrong for all the machines except one (OS was reported was Windows without version) in all the scans. The OS of all the other machines (including the Linux box) was reported as "HP JetDirect".
We scanned the same IPs by Nexpose scanner (without authentication credentials) on the same day and it found around 130 vulnerabilities.
Please let me know what could be wrong here or what other different options I should try with OpenVAS to get better results.
Thanks,
Mani
We have installed the latest version of OpenVAS (version 7) on a Fedora (version 20) Linux machine and tried some 5-6 scans. Each scan found 3 vulnerabilities or less. (It found 3 instances of the same vulnerability which is "Source routed packets".)
Details of the scans:
No. of IPs scanned: 5 (4 Windows 7 machines and the Linux machine on which OpenVAS is installed; all machines are in the same subnet)
Port List: All IANA assigned TCP and UDP 2012-02-10, All TCP, OpenVAS Default
Discovery config: Consider Alive
Scan config: Full and very deep ultimate
Type: Unauthenticated (no credentials provided)
NVTs: Up to date
Even the OS fingerprinting was wrong for all the machines except one (OS was reported was Windows without version) in all the scans. The OS of all the other machines (including the Linux box) was reported as "HP JetDirect".
We scanned the same IPs by Nexpose scanner (without authentication credentials) on the same day and it found around 130 vulnerabilities.
Please let me know what could be wrong here or what other different options I should try with OpenVAS to get better results.
Thanks,
Mani