Re: [Openvas-discuss] OpenVAS HTTP test OPTIONS requests
Hi,

On 22.08.2018 18:48, Xinhuan Zheng wrote:
> Hi Christian,
>
> For some reason, our target host returns content as if they were getting
> GET requests, not returning Allow: header. I thought it may be redirect
> can cause that. I have to figure out how to change target host
> configuration to disabling OPTIONS requests.
> Thanks,
>
> - xinhuan

OPTIONS requests are mainly used to catch/enumerate the supported HTTP
methods by the remote target like GET, POST, PUT and so on.

If you see additional requests I guess most of these might be related to
the following NVT:

Name: Apache HTTP Server OPTIONS Memory Leak Vulnerability (Optionsbleed)
OID: 1.3.6.1.4.1.25623.1.0.112048

but there is also an arbitrary amount of other NVTs which might send
OPTIONS requests as well.

Regards,

> On 8/22/18, 12:43 PM, "Christian Fischer" wrote:
>
>> Hi,
>>
>> On 17.08.2018 18:08, Xinhuan Zheng wrote:
>>> Hello,
>>>
>>> In our recent OpenVAS scan, our host has HTTP service running so the
>>> scanning software tests a lot of URLs. However, in the target host
>>> access log, we saw tons of OPTIONS requests being issued by scanning
>>> software. Per some research, OPTIONS is a type of HTTP request that is
>>> pre-flight in Cross-origin resource. The normal GET request would
>>> return a document with bunch of objects, like json, images, etc. Can I
>>> limit OpenVAS not issuing OPTIONS requests?
>>> Thank you,
>>
>> there is no such possibility included in OpenVAS besides excluding the
>> NVT(s) doing those OPTIONS requests from your scan configuration.
>>
>> Could you elaborate why you want to limit OpenVAS not issuing OPTIONS
>> requests?
>>
>> Regards,
>>
>> --
>>
>> Christian Fischer | PGP Key: 0x54F3CE5B76C597AD
>> Greenbone Networks GmbH | https://www.greenbone.net
>> Neumarkt 12, 49074 Osnabrück, Germany | AG Osnabrück, HR B 202460
>> Managing Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner

___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

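The two behaviours discussed in this message (OPTIONS answered with a list of supported methods, versus a host that returns content as for GET with no Allow: header) can be told apart with a single request against your own server. The following is an added example, not part of the thread and not OpenVAS code; the function names, verdict labels and the loopback sample server are constructed for illustration.

```python
import http.client
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer
def classify_options(host, port, path="/"):
    """Send one OPTIONS request and classify how the server answered it."""
    conn = http.client.HTTPConnection(host, port, timeout=5)
    try:
        conn.request("OPTIONS", path)
        resp = conn.getresponse()
        body, allow = resp.read(), resp.getheader("Allow") or ""
    finally:
        conn.close()
    methods = sorted(m.strip().upper() for m in allow.split(",") if m.strip())
    if methods:
        verdict = "allow-header"        # supported methods are listed
    elif 200 <= resp.status < 300 and body:
        verdict = "handled-like-get"    # content returned, no Allow header
    else:
        verdict = "rejected-or-empty"   # e.g. 405/501, or an empty 2xx
    return {"status": resp.status, "methods": methods, "verdict": verdict}

class SampleHandler(BaseHTTPRequestHandler):
    """Constructed server: allow=None answers OPTIONS with the GET page."""
    allow = None
    def log_message(self, *args):       # suppress per-request logging
        pass
    def do_OPTIONS(self):
        page = b"" if self.allow else b"<html>index</html>"
        self.send_response(200)
        if self.allow:
            self.send_header("Allow", self.allow)
        self.send_header("Content-Length", str(len(page)))
        self.end_headers()
        self.wfile.write(page)

def probe_sample(allow=None):
    """Run the constructed server on a free loopback port and classify it."""
    handler = type("Handler", (SampleHandler,), {"allow": allow})
    server = HTTPServer(("127.0.0.1", 0), handler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    try:
        return classify_options("127.0.0.1", server.server_port)
    finally:
        server.shutdown()
        server.server_close()

if __name__ == "__main__":
    print(probe_sample("GET, HEAD, OPTIONS"))
    print(probe_sample(None))
```

A "handled-like-get" verdict means every OPTIONS probe from a scan costs the server a full page render, which is one reason such requests stand out in the access log.
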
Re: [Openvas-discuss] OpenVAS HTTP test OPTIONS requests
Hi Christian,

For some reason, our target host returns content as if they were getting
GET requests, not returning Allow: header. I thought it may be redirect
can cause that. I have to figure out how to change target host
configuration to disabling OPTIONS requests.

Thanks,

- xinhuan

On 8/22/18, 12:43 PM, "Christian Fischer" wrote:

>Hi,
>
>On 17.08.2018 18:08, Xinhuan Zheng wrote:
>> Hello,
>>
>> In our recent OpenVAS scan, our host has HTTP service running so the
>> scanning software tests a lot of URLs. However, in the target host
>> access log, we saw tons of OPTIONS requests being issued by scanning
>> software. Per some research, OPTIONS is a type of HTTP request that is
>> pre-flight in Cross-origin resource. The normal GET request would
>> return a document with bunch of objects, like json, images, etc. Can I
>> limit OpenVAS not issuing OPTIONS requests?
>> Thank you,
>
>there is no such possibility included in OpenVAS besides excluding the
>NVT(s) doing those OPTIONS requests from your scan configuration.
>
>Could you elaborate why you want to limit OpenVAS not issuing OPTIONS
>requests?
>
>Regards,
>
>--
>
>Christian Fischer | PGP Key: 0x54F3CE5B76C597AD
>Greenbone Networks GmbH | https://www.greenbone.net
>Neumarkt 12, 49074 Osnabrück, Germany | AG Osnabrück, HR B 202460
>Managing Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner

Re: [Openvas-discuss] OpenVAS HTTP test OPTIONS requests
Hi,

On 17.08.2018 18:08, Xinhuan Zheng wrote:
> Hello,
>
> In our recent OpenVAS scan, our host has HTTP service running so the
> scanning software tests a lot of URLs. However, in the target host access
> log, we saw tons of OPTIONS requests being issued by scanning software.
> Per some research, OPTIONS is a type of HTTP request that is pre-flight in
> Cross-origin resource. The normal GET request would return a document with
> bunch of objects, like json, images, etc. Can I limit OpenVAS not issuing
> OPTIONS requests?
> Thank you,

there is no such possibility included in OpenVAS besides excluding the
NVT(s) doing those OPTIONS requests from your scan configuration.

Could you elaborate why you want to limit OpenVAS not issuing OPTIONS
requests?

Regards,

--

Christian Fischer | PGP Key: 0x54F3CE5B76C597AD
Greenbone Networks GmbH | https://www.greenbone.net
Neumarkt 12, 49074 Osnabrück, Germany | AG Osnabrück, HR B 202460
Managing Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner

[Openvas-discuss] OpenVAS HTTP test OPTIONS requests
Hello,

In our recent OpenVAS scan, our host has HTTP service running so the
scanning software tests a lot of URLs. However, in the target host access
log, we saw tons of OPTIONS requests being issued by scanning software.
Per some research, OPTIONS is a type of HTTP request that is pre-flight in
Cross-origin resource. The normal GET request would return a document with
bunch of objects, like json, images, etc. Can I limit OpenVAS not issuing
OPTIONS requests?

Thank you,

- Xinhuan Zheng