Thank you for the good suggestions! 1. I tested setting target as consider alive, full tcp scan and full and fast and tried again to scan over VPN, the results are exactly the same as before and no improvement.
2. I tried probing the target host with nmap over VPN, it showed "0 hosts up". So nmap showed the same unwanted results as openvas. Any suggestions on how to make changes? Thanks a lot! TY On Tue, Nov 24, 2015 at 3:57 AM, Eero Volotinen <[email protected]> wrote: > It's really hard to guess all your settings and configurations. > > please set target to consider alive, full tcp scan and full and fast and > try again. you should also try scan same target using nmap and compare > results. > > -- > Eero > > 2015-11-23 19:59 GMT+02:00 Tianyi Yang <[email protected]>: > >> Hi everyone, >> >> I was scanning a same device over VPN and through direct connect with >> exactly the same configurations, and found the results are essentially >> different. >> >> The results over VPN only catch 5 Logs in the following, i.e. >> 3com switch2hub (general/tcp) (Log) >> OS fingerprinting (general/tcp) (Log) >> ICMP Timestamp Detection (general/tcp) (Log) >> Traceroute (general/tcp) (Log) >> CPE Inventory (general/tcp) (Log) >> >> However, in the results when connect directly between the scanned device >> and the scanner host, 2 High and 11 Logs are found. In addition to those >> listed above, there are: >> Multiple NetGear ProSafe Switches Information Disclosure Vulnerability >> (80/tcp) (High) >> Report default community names of the SNMP Agent (161 tcp) (High) >> HTTP Server type and version (80/tcp) (Log) >> Services (80/tcp) (Log) >> Web mirroring (80/tcp) (Log) >> Directory Scanner (80/tcp) (Log) >> wapiti (NASL wrapper) (80/tcp) (Log) >> An SNMP Agent is running (161/udp) (Log) >> >> We see that the job over VPN has only results in locations "general/tcp". >> And I further found that the VPN results were independent of the port list, >> which means even if we specifies an EMPTY port list, the outcome is exactly >> the same. And I read the logs on the scanned device site and found only >> ports, e.g. TCP 22 and UDP 69 were probed. However, the requested ports >> like TCP 80 and UDP 161 were never probed over VPN. >> >> Does anyone have insights what's wrong with my scan jobs/setup/configs >> over VPN? I appreciate it! >> >> TY >> >> _______________________________________________ >> Openvas-discuss mailing list >> [email protected] >> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss >> > >
_______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
