Remi, What is the vulnerability OID number? (This should be mentioned in the details of the vulnerability, at the bottem under the Log Method section)
Thijs Stuurman Security Operations Center | KPN Internedservices [email protected]<mailto:[email protected]> | [email protected]<mailto:[email protected]> T: +31(0)299476185 | M: +31(0)624366778 PGP Key-ID: 0x16ADC048 (https://pgp.surfnet.nl/) Fingerprint: 2EDB 9B42 D6E8 7D4B 6E02 8BE5 6D46 8007 16AD C048 W: https://www.internedservices.nl<https://www.internedservices.nl/> | L: http://nl.linkedin.com/in/thijsstuurman Van: Rémi Liquete [mailto:[email protected]] Verzonden: woensdag 16 augustus 2017 11:04 Aan: Thijs Stuurman <[email protected]> CC: [email protected] Onderwerp: Re: [Openvas-discuss] Vulnerability found on blocked port Thank you for your answer. Sorry for not being as clear as I wanted to. I performed a scan on a server. This server is behind a firewall that blocks all port except 3 I am scanning, and blocks ICMP protocol. At the end of the scan, I've checked the report and in this report, there is a vulnerability on ping flood in location "general/icmp". As my firewall is supposed to block this protocol, how can OpenVAS find any vulnerability with this protocol ? I hope I'm clear enough this time ! 2017-08-16 10:53 GMT+02:00 Thijs Stuurman <[email protected]<mailto:[email protected]>>: Rémi, Your question is not very clear to me but I will try to answer. First of all, which found vulnerability on the ICMP protocol? Detail your questions please. Second, you cannot bypass the firewall … it’s a firewall, there doing what it is supposed to. So either you find nothing, because of the firewall, and confirm your firewalling is OK. Or you whitelist your scanner in the firewall and test the system regardless. Thijs Stuurman Security Operations Center | KPN Internedservices [email protected]<mailto:[email protected]> | [email protected]<mailto:[email protected]> T: +31(0)299476185<tel:+31%20299%20476%20185> | M: +31(0)624366778<tel:+31%206%2024366778> PGP Key-ID: 0x16ADC048 (https://pgp.surfnet.nl/) Fingerprint: 2EDB 9B42 D6E8 7D4B 6E02 8BE5 6D46 8007 16AD C048 W: https://www.internedservices.nl<https://www.internedservices.nl/> | L: http://nl.linkedin.com/in/thijsstuurman Van: Openvas-discuss [mailto:[email protected]<mailto:[email protected]>] Namens Rémi Liquete Verzonden: woensdag 16 augustus 2017 10:46 Aan: [email protected]<mailto:[email protected]> Onderwerp: [Openvas-discuss] Vulnerability found on blocked port Hello, I've perform a scan on 3 TCP ports (lists en ports lists). The firewall blocks aswell the ICMP protocol. The question is : Is that normal that OpenVAS found a vulnerability on the ICMP protocol ? If this is normal, how can the scan bypass the firewall ? Regards, Rémi.
_______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
