Dear list I'm currently evaluating Openvas, primarily as a Nessus replacement. I'm working unde Linux using the latest versions for client, server and plugins.
The server I test runs several services (ssh, smtp, http, pop3s, imaps and another http service on port 8443). I always use all plugins and haven't changed the default plugin settings. Now consider the following: In one scan, I only specify port 80 in the port scan list (I leave the "Consider unscanned ports as closed" checkbox unchecked); in the next scan I specify all open ports (22,25,80.993,995,8443). Several issues are reported with respect to port 80 in bot cases, but there are two differences in the sense that two additional issues are listed when I specify only port 80: - Under Security Warning, I get additionally the output of the robots.txt plugin (1.3.6.1.4.1.25623.1.0.10302) - Under Security Notes, I get additionally the output of the Nikto plugin (1.3.6.1.4.1.25623.1.0.14260) Does anyone has an idea, why these two issues are reported in the first but not in the second scan? And yes, I could reproduce this several times. Thanks for any help, Marc _______________________________________________ Openvas-discuss mailing list [email protected] http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
