Thank you for your answer. Sorry for not being as clear as I wanted to.
I performed a scan on a server. This server is behind a firewall that blocks all port except 3 I am scanning, and blocks ICMP protocol. At the end of the scan, I've checked the report and in this report, there is a vulnerability on ping flood in location "general/icmp". As my firewall is supposed to block this protocol, how can OpenVAS find any vulnerability with this protocol ? I hope I'm clear enough this time ! 2017-08-16 10:53 GMT+02:00 Thijs Stuurman < [email protected]>: > Rémi, > > > > Your question is not very clear to me but I will try to answer. > > First of all, which found vulnerability on the ICMP protocol? Detail your > questions please. > > > > Second, you cannot bypass the firewall … it’s a firewall, there doing what > it is supposed to. > > So either you find nothing, because of the firewall, and confirm your > firewalling is OK. > > Or you whitelist your scanner in the firewall and test the system > regardless. > > > > > > Thijs Stuurman > > Security Operations Center | KPN Internedservices > > [email protected] | [email protected] > > T: +31(0)299476185 <+31%20299%20476%20185> | M: +31(0)624366778 > <+31%206%2024366778> > > PGP Key-ID: 0x16ADC048 (https://pgp.surfnet.nl/) > > Fingerprint: 2EDB 9B42 D6E8 7D4B 6E02 8BE5 6D46 8007 16AD C048 > > > > W: https://www.internedservices.nl | L: http://nl.linkedin.com/in/ > thijsstuurman > > > > *Van:* Openvas-discuss [mailto:[email protected]] > *Namens *Rémi Liquete > *Verzonden:* woensdag 16 augustus 2017 10:46 > *Aan:* [email protected] > *Onderwerp:* [Openvas-discuss] Vulnerability found on blocked port > > > > Hello, > > I've perform a scan on 3 TCP ports (lists en ports lists). > > The firewall blocks aswell the ICMP protocol. > > The question is : Is that normal that OpenVAS found a vulnerability on the > ICMP protocol ? > > If this is normal, how can the scan bypass the firewall ? > > Regards, > > Rémi. >
_______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
