[Openvas-discuss] Change in port list has unexpected results

Tue, 23 Jan 2018 09:30:10 -0800 

Hello
This is my first post to this list, please forgive any misbehavior and language errors since I am not a native English speaker.
I have encountered strange results while changing only the port list for some targets.
If I use the wizard (immediate scan) to scan a couple of hosts, I get a report with some medium vulnerabilities. If I clone the target that was created by the wizard and just change the port list to scan all TCP and all UDP, I get a report with only "log level" vulnerabilities. 

I may be doing something wrong but I can't figure out what.

Here is the details for the target used by the wizard :

Comment:        Automatically generated by wizard
Hosts:  example.com, example.io
Exclude Hosts:  
Reverse Lookup Only:    No
Reverse Lookup Unify:   No
Maximum number of hosts:        2
Port List:      OpenVAS Default
Alive Test:     Scan Config Default
Credentials for authenticated checks:
SSH:    
SMB:    
ESXi:   
SNMP:


Here is the target that I modified from a clone of the one above :

Comment:        Modified from automatically generated by wizard
Hosts:  example.com, example.io
Exclude Hosts:  
Reverse Lookup Only:    No
Reverse Lookup Unify:   No
Maximum number of hosts:        2
Port List:      All TCP and UDP
Alive Test:     Scan Config Default
Credentials for authenticated checks:
SSH:    
SMB:    
ESXi:   
SNMP:


Here is my All TCP and UDP port list :


 Port List: All TCP and UDP

Comment:        
Port count:     131070
TCP Port count:         65535
UDP Port count:         65535
<https://openvas1.sysstreaming.com/omp?cmd=get_port_list&port_list_id=08f337d9-f12e-4725-9517-9d5399df7ae0&token=209a3bc9-7212-426a-8d49-a7fc8860cf15#> 


   Port Ranges (2)

Start   End     Protocol
1       65535   tcp
1       65535   udp



The score I get for the task created by the wizard is : 6.4 (Medium)
The score I get for the task ran on the cloned target is : 0.0 (Log)
What I am missing ? AFAICT, I just changed the port list and should, at least, get a score as high as the ones I got with the wizard-created task How can I create a task that would scan "à la" Wizard using all TCP and UDP ports instead of just the ones used by the Wizard ?
I am using OpenVAS9 in a docker container (mikesplain/openvas) and use GreenBone web-based interface and I had the very same problem on my local Ubuntu 16.04 LTS machine. 

Thanks in advance for any help or hint you can provide to me.

- Yves







_______________________________________________
Openvas-discuss mailing list
[email protected]
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Reply via email to