Hi, I want to know if OpenVAS with the GSA interface are the right tools for my situation. What are your suggestions for getting my information from OpenVAS & GSA? Are there alternatives that are better suited?
I need: - reporting of hosts with their vulnerabilities - reporting of vulnerabilities found on which hosts - reported host lists are to be forwarded to other groups for remediation - reported hosts are to be re-scanned to verify remediation - ability to identify host changes at different points in time - pretty reports for management - importing of host / port lists from masscan, nmap. - DNS name resolution of the hosts after importing What is missing in OpenVAS/GSA? Situation: - Scanning most of our network (15 Class Bs, 10 Class Cs) of 1,000,000 IPv4 addresses. Leaving some of the network off this list (36 Class Cs) - Using masscan to get initial coarse results (will be some loss based upon rate of scanning). - Using 65 ports of initial interest - Need to follow up with more comprehensive scans of 23,000 identified hosts of interest from my first set of scans. - Currently running on the latest version of Kali Linux - Built OpenVAS-8 from source before the cookbook was available. Have some minor glitches to be worked out. Suitability? Your comments? Cheers, Graham Bennett <Strong network background, starting to learn OpenVAS>
_______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
