Hello, I am a new user of OpenVAS. So far I have successfully used it to do an external vulnerability test of my server. However, our firewall blocks many of the ports (as it should).
I would like to perform an "internal vulnerability test", simulating an attacker that is within the local network, behind the firewall. But I would prefer to not actually run OpenVAS within the network, if possible, because of our server/network configuration. I am hoping that there is a way that I can operate OpenVAS through a SSH tunnel, so I could open up a SSH tunnel to a machine within the network and run the scans through that tunnel, which would accomplish the same thing as if OpenVAS were actually running on that machine. I set up a SSH credentialed scan within OpenVAS, thinking this would do what I would like, but it is performing the scan from outside the firewall again, just like before. So either I'm doing it wrong or this is not the proper way of accomplishing my goal. Can anyone give me a pointer of how to go about doing this? Thanks, Nick
_______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
