OpenVAS works fine for PCI internal scanning as long as parameters are correct and you really know how to use product.
Full and fast does not include all tcp ports, if I remember correctly. -- Eero 2017-08-24 12:10 GMT+03:00 Thijs Stuurman < [email protected]>: > I suppose the default scan config “Full and fast” would suffice. > > Personally I do not use OpenVAS for PCI environments and opted for a > Nessus VM which has a PCI internal vulnerability scan option. > > The only reason for that is because the PCI auditors (and our customers) > know and trust Nessus and it clearly shows it is a PCI internal scan which > was performed. > > It just makes the audits easier. > > > > If in any doubt, contact your PCI auditor to verify what he thinks is > acceptable. > > > > > > > > Thijs Stuurman > > Security Operations Center | KPN Internedservices > > [email protected] | [email protected] > > T: +31(0)299476185 <+31%20299%20476%20185> | M: +31(0)624366778 > <+31%206%2024366778> > > PGP Key-ID: 0x16ADC048 (https://pgp.surfnet.nl/) > > Fingerprint: 2EDB 9B42 D6E8 7D4B 6E02 8BE5 6D46 8007 16AD C048 > > > > W: https://www.internedservices.nl | L: http://nl.linkedin.com/in/ > thijsstuurman > > > > *Van:* Openvas-discuss [mailto:[email protected]] > *Namens *Ahmad Al-Talafha > *Verzonden:* donderdag 24 augustus 2017 11:02 > *Aan:* Eero Volotinen <[email protected]> > *CC:* [email protected] > *Onderwerp:* Re: [Openvas-discuss] DSS PCI NVT family missing > > > > Hi Eero, > > > > Please can you tell me in this case which NVT family to choose, and how I > can check if all plugins are enabled > > > > > > Best Regards, > > > > *Ahmad Al Talafha* > > > > > > *From:* [email protected] [mailto:[email protected] > <[email protected]>] *On Behalf Of *Eero Volotinen > *Sent:* Thursday, August 24, 2017 10:32 AM > *To:* Ahmad Al-Talafha <[email protected]> > *Cc:* [email protected] > *Subject:* Re: [Openvas-discuss] DSS PCI NVT family missing > > > > There is no such as PCI family in openvas. For internal PCI scanning you > need to enable all plugins and scan all tcp ports. > > Eero > > > > 2017-08-24 10:07 GMT+03:00 Ahmad Al-Talafha <[email protected]>: > > Dears, > > > > Hope this mail finds you well > > > > I am using openvas Version 7.0.2, and I am trying to run a PCI compliance > scan but I cant find PCI family in the NVTs. > > > > My NVTs status shows “*Too old (14 days)* - Please check the automatic > synchronization of your system” > > > > Please advise on this case, what I am missing > > > > > > Best Regards, > > > > *Ahmad Al Talafha* > > > > > _______________________________________________ > Openvas-discuss mailing list > [email protected] > https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss > > >
_______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
