To partly answer myself, once I go to create a new scan config based on "Full and fast" I see a listing that's a lot more coherent than how GSA shows scan configs when looking at them without editing capabilities. A far different view. It shows that in "Full and fast" BOTH "Launch Nmap for Network Scanning" and "OpenVAS TCP Scanner" are off. What's on is "Nmap (NASL wrapper)" and "Ping Host." (Ping in the the port scan category?)
Now, I'm guessing since others report scans finding ports when run with the default config that "Nmap (NASL wrapper)" must be effective for them and not for me? I also see that using Nmap with an NASL wrapper is the way Nessus handles it. What an NASL wrapper is I don't know. But this sure looks like where the breakage has been for me. Something else I'd need to install to have this work? Or does "Nmap (NASL wrapper)" being on mean nothing without "Launch Nmap for Network Scanning" also being on? That is, are they alternate ways of running Nmap, or interdependent? Per the Nessus docs, there Nmap _requires_ the NASL wrapper. But of course the configuration method is quite different. As side question, GSA _only_ allows scan configs to be base on "Full and fast" or an empty config. Or I suppose other configs can be exported to XML and then imported and edited? But why not take the same direct route to modification? Thanks, Whit On Thu, Aug 09, 2012 at 10:37:09AM -0400, Whit Blauvelt wrote: > Back in 2009 when nmap 5.0 was released, an OpenVAS dev, Tim Brown, posted > to Slashdot, "It's worth noting that we at OpenVAS like the nmap > developments so much that a couple of the OpenVAS developers are looking to > actively contribute and we're considering libnmap as a replacement for the > rather fragile port / service discovery functionality we inherited." > > http://tech.slashdot.org/story/09/07/16/1924232/Nmap-500-Released-With-Many-Improvements > > Where did things go from there? Are there still two different port/service > discovery mechanisms - the inherited one plus nmap (if configured for it)? > > In the lack of any port/service discovery in my OpenVAS 5 installs first off a > failure of the "rather fragile" mechanism, and then secondarily a need to > change the default configs to have nmap invoked at all? > > Also, is what GSA shows in the config as "nmap rcp port scans" um, "nmap > port scans" in general, or is that to do with scanning for rcp service on > port 514? > > Thanks, > Whit _______________________________________________ Openvas-discuss mailing list [email protected] http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
