Hi I have noticed a strange behavior while scanning a Windows client with an SNMP service running on UDP Port 161. The open port/service is only discovered when I use a custom Port List with only a few UDP Ports (it works with a list containing 17 UDP ports but does not work with 34 UDP ports). I tried different Scan Configs including "Full and fast", "Full and fast ultimate" and "Full and very deep" but I could not notice any considerable difference in the results.
On the Windows client, the Windows Firewall is active with an inbound and outbound exception for the SNMP service. I can successfully access the service from the system, where the OpenVAS scanner is installed. If I deactivate the Windows Firewall on the target system, OpenVAS does always detect the SNMP service no matter what Port List is used. I’m running OpenVAS Scanner 5.0.4 with OpenVAS Manager 6.0.5 and Greenbone Security Assistant 6.0.5 on a Kali Linux 2016.1 distribution. For testing purposes, both systems are connected using an unmanaged switch. Can anybody explain this strange behavior to me? Do I need to open any additional ports in the Windows Firewall, so that OpenVAS can reliably discover the SNMP service? Many thanks Daniel _______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
