Network Vulnerability Scan with OpenVAS
About the Network Vulnerability Scanner
This is a comprehensive scanner which detects a wide range of vulnerabilities mosty related to network services and operating systems but also includes web server configuration tests.
The Light Scan uses a custom built scanning engine which detects vulnerabilities very fast, based on the version information returned by the target service. However, this detection method could return some false positives.
The Full Scan uses OpenVAS as scanning engine, which is the most advanced open source vulnerability scaner. OpenVAS is hosted on our servers and it is configured to do in-depth scanning. It can identify vulnerabilities associated with various services such as: SMTP, DNS, VPN, SSH, RDP, VNC, HTTP and many more.
- Target: This specifies the target that will be scanned. It can be a single IP address or a hostname (ex. webmail.mydomain.com).
- Scan type:
- Light: uses the fast version-based scanner (custom built)
- Full: uses the OpenVAS in-depth scanner
How it works
OpenVAS implements each test in a plugin called Network Vulnerability Test (NVT). It currently has more than 57000 active plugins which can detect a huge numer of vulnerabilities for numerous services and applications.
The scanner works by first detecting which ports are open on the target host (scans for the most common 4481 ports) and then by running each applicable NVT against the open ports.
The scanning policy is "Full and Fast", which uses most of the Network Vulnerability Tests (57000+ NVTs) and it is optimized to use the previously collected information before deciding which NVTs to run.
Since it performs a considerable number of tests, the scan can take from 30 minutes to several hours.