I am using Greenbone Security Assistant 6.0.10 OpenVas 5.0.5
System is set up fine and I can run default prepacked scans against various hosts. However, the scan I really need to run is the Web Application Scan from: http://greenbone.net/download/web-app-scan.xml I have imported this and selected 8 Families to include in my test. My target is an ElasticLoadBalancer in AWS EC2, which is a Ruby application with an NGinx front end that redirects any non-authenticated users to a Devise authentication gem. Whenever I run the test, I just get an empty report. My target host is set up to be "Considered Alive" and when I use it with other Scan Configs (eg System Discovery) I get a detailed report. There is nothing in the log files, just: event task:MESSAGE:2016-09-07 11h00.10 UTC:2120: Status of task vultest-dev (c64cef52-e3b4-4f4e-9b7a-d3f04b98a4fd) has changed to Requested event task:MESSAGE:2016-09-07 11h00.10 UTC:2120: Task c64cef52-e3b4-4f4e-9b7a-d3f04b98a4fd has been requested to start by admin event task:MESSAGE:2016-09-07 11h00.17 UTC:2122: Status of task vultest-dev (c64cef52-e3b4-4f4e-9b7a-d3f04b98a4fd) has changed to Running event task:MESSAGE:2016-09-07 11h00.50 UTC:2122: Status of task vultest-dev (c64cef52-e3b4-4f4e-9b7a-d3f04b98a4fd) has changed to Done I have also tried this Scan Config directly against a host running a vanilla Apache server, and again, it won't produce any results. I have tried used the OpenVas Default Port List, and a scaled down HTTP port list. Is there something else I need to configure to get the Web Application Scan Config to work? thx Garreth -- Garreth McDaid | Lead Cloud Operations Engineer Skype: garreth_mcdaid_clavis Boston | London | Shanghai | Dublin 7th Floor, O’Connell Bridge House, D’Olier Street Dublin 2 +353 1 2543440 www.clavisinsight.com _______________________________________________ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
