You can place a slave scanner inside their network and open a route to its IP and port 9390 to communicate with it (OMP Slave). Either through their firewall or setup a VPN. Not all kind of ports, just one port. The Master will always communicate with the slave and push jobs and pull results.
If you want to use your own hardware I found that scanning over a SSH layer 2 VPN works great. You just need a linux machine inside their network and be able to SSH. (you can initiate it from either side and just add additional routes as needed; I actually did this using a Raspberry Pi, it hardly needs resources because it only tunnels traffic) https://help.ubuntu.com/community/SSH_VPN Thijs Stuurman Security Operations Center | KPN Internedservices B.V. [email protected] | [email protected] T: +31(0)299476185 | M: +31(0)624366778 PGP Key-ID: 0x16ADC048 (https://pgp.surfnet.nl/) Fingerprint: 2EDB 9B42 D6E8 7D4B 6E02 8BE5 6D46 8007 16AD C048 W: https://www.internedservices.nl | L: http://nl.linkedin.com/in/thijsstuurman -----Oorspronkelijk bericht----- Van: Openvas-discuss [mailto:[email protected]] Namens Rohit Verzonden: maandag 16 oktober 2017 13:44 Aan: [email protected] Onderwerp: [Openvas-discuss] Internal scanning Hi I unsure best way to do internal scan for client using openvas. I understand there no feature whereby I download agent onto a laptop take to client and scan there network. If so what best method to scan remote internal server of a client internal facing. I guessing my client firewall would need to let me through on all kinds of ports. Any help appreciated . Regards Rohit Sent from my iPad _______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss _______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
