Hi,
I’m trying to scan a Windows machine on which firewall has been disabled. When I launch my scan (with or without credentials), it doesn’t detect that firewall is off. The targeted host is alive and well, I have other vulnerabilities detected but not this one.
Does Openvas can not detect this type of vulnerabilities or did I do domething wrong?
Thanks for your help,
Logselk
Please read our fine documentation:
https://docs.greenbone.net/GSM-Manual/gos-6/en/compliance-and-special-scans.html#supported-measures
Additional you might wanna check the Policy Control:
M 4.98 Restricting communication to a minimum with packet filters Credentials Microsoft Windows: firewall is tested. For Microsoft Windows Vista or higher any firewall that is installed conforming to the system.
A disabled firewall isn’t a vulnerability so you won’t get any vulnerabilities reported about this in your report.
A disabled firewall is more a Policy topic, there might be a few Policy-VTs from e.g. the “IT-Grundschutz” family which could help you to detect something like this.