Network Vulnerability Scan with OpenVAS
About the Network Vulnerability Scanner
This is a comprehensive scanner which detects a wide range of vulnerabilities mosty related to network services and operating systems but also includes web server configuration tests.
The engine for this scanner is OpenVAS, which is the most advanced open source vulnerability scaner, hosted on our servers.
It can identify vulnerabilities associated with various services such as: SMTP, DNS, VPN, SSH, RDP, VNC, HTTP and many more.
- Target: This specifies the target that will be scanned. It can be a single IP address or a hostname (ex. webmail.mydomain.com).
- Ports to scan: These are the network ports that will be tested for vulnerabilities. The default value is to scan for the most common 4481 ports.
- Scan policy: This instructs OpenVAS on how to detect vulnerabilities. The "Full and Fast" policy uses most of the Network Vulnerability Tests (57000+ NVTs) and it is optimized to use the previously collected information before deciding which NVTs to running.
How it works
OpenVAS implements each test in a plugin called Network Vulnerability Test (NVT). It currently has more than 57000 active plugins which can detect a huge numer of vulnerabilities for numerous services and applications.
The scanner works by first detecting which ports are open on the target host and then by running each applicable NVT against the open ports.
Since it performs a considerable number of tests, the scan can take from 30 minutes to several hours.