2015-04-30 23:20 GMT+03:00 Bennett, Graham MTIC:EX <[email protected] >:
> Hi, > > I want to know if OpenVAS with the GSA interface are the right tools for > my situation. > What are your suggestions for getting my information from OpenVAS & GSA? > Are there alternatives that are better suited? > > I need: > - reporting of hosts with their vulnerabilities > - reporting of vulnerabilities found on which hosts > - reported host lists are to be forwarded to other groups for > remediation > - reported hosts are to be re-scanned to verify remediation > - ability to identify host changes at different points in time > - pretty reports for management > - importing of host / port lists from masscan, nmap. > - DNS name resolution of the hosts after importing > > What is missing in OpenVAS/GSA? > > Situation: > - Scanning most of our network (15 Class Bs, 10 Class Cs) of 1,000,000 > IPv4 addresses. Leaving some of the network off this list (36 Class Cs) > - Using masscan to get initial coarse results (will be some loss based > upon rate of scanning). > - Using 65 ports of initial interest > - Need to follow up with more comprehensive scans of 23,000 identified > hosts of interest from my first set of scans. > - Currently running on the latest version of Kali Linux > - Built OpenVAS-8 from source before the cookbook was available. Have > some minor glitches to be worked out. > > Suitability? Your comments? > > Sounds like huge job. This requires custom modifications to openvas and lots of openvas scanning machines, if you are planning to finish your openvas scanning in one month .. -- Eero
_______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
