Hi everyone, I was scanning a same device over VPN and through direct connect with exactly the same configurations, and found the results are essentially different.
The results over VPN only catch 5 Logs in the following, i.e. 3com switch2hub (general/tcp) (Log) OS fingerprinting (general/tcp) (Log) ICMP Timestamp Detection (general/tcp) (Log) Traceroute (general/tcp) (Log) CPE Inventory (general/tcp) (Log) However, in the results when connect directly between the scanned device and the scanner host, 2 High and 11 Logs are found. In addition to those listed above, there are: Multiple NetGear ProSafe Switches Information Disclosure Vulnerability (80/tcp) (High) Report default community names of the SNMP Agent (161 tcp) (High) HTTP Server type and version (80/tcp) (Log) Services (80/tcp) (Log) Web mirroring (80/tcp) (Log) Directory Scanner (80/tcp) (Log) wapiti (NASL wrapper) (80/tcp) (Log) An SNMP Agent is running (161/udp) (Log) We see that the job over VPN has only results in locations "general/tcp". And I further found that the VPN results were independent of the port list, which means even if we specifies an EMPTY port list, the outcome is exactly the same. And I read the logs on the scanned device site and found only ports, e.g. TCP 22 and UDP 69 were probed. However, the requested ports like TCP 80 and UDP 161 were never probed over VPN. Does anyone have insights what's wrong with my scan jobs/setup/configs over VPN? I appreciate it! TY
_______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
