Difference between OpenVAS Scanner and OSP-Sensor

Building from Source and Advanced Topics
1

Hello together,

I am building a system with remote scanners. If I add a scanner with gvmd my command looks like this:

sudo -u _gvm gvmd --create-scanner="SCANNER-NAME" \
--scanner-host=10.10.10.10 \
--scanner-port=9390 \
--scanner-ca-pub=/var/lib/gvm/CA/cacert.pem \
--scanner-key-pub=/var/lib/gvm/CA/clientcert.pem \
--scanner-key-priv=/var/lib/gvm/private/CA/clientkey.pem

Some people add the parameter "–scanner-type=OSP-Sensor " but what’s the difference? I tested both and both worked fine. The only difference I could found was the appearance in the web interface.

Without --scanner-type=OSP-Sensor:

Screenshot 2025-03-20 154225
Screenshot 2025-03-20 1542251671×142 17.7 KB

With --scanner-type=OSP-Sensor:

Screenshot 2025-03-20 154026
Screenshot 2025-03-20 1540261669×161 16.2 KB

Are there also technical differences and whats the best practice?

I am using bare kali linux machines with the newest GVM Kali packages.

2

The scanner type “OpenVAS Scanner” points to the actual vulnerability scanner which runs locally and executes vulnerability tests:

greenbone-community-22.4-architecture
greenbone-community-22.4-architecture2166×1124 136 KB

The type “Greenbone Sensor” references a remote sensor, that is another system running a GVM installation, via the OSP protocol. This makes it possible to run another OpenVAS scanner instance in a different network segment.

This functionality is currently only easily accessible in our paid enterprise products, cf. 15 Using a Master-Sensor Setup - Greenbone Enterprise Appliance – GOS 24.10.2. It could in theory be set up with the community edition, but we have no documentation available for this.

1 Like
3

Hello Martin,

my tests show me some other results. No matter of the configuration, the scanns are running on my remote system. The only difference I found is the appearance in GSA.
With --scanner-type=OSP-Sensor the scanner is shown under the Default Scanner from the Main System.
With --scanner-type=OpenVAS the scanner is shown as separat scanner.

If I dont specify the scanner type, like showen in my firtst post, it automaticly sets it to OpenVAS.

Here you see two remote scanner setup with the different type:

Scanners
Scanners1643×914 45.2 KB

But the question is, are there also technical differences in the backround? Does it use the OSP protocol in both cases? Do I need the VTs on the remote system in both cases?

4

Using “OpenVAS Scanner” remotely is not a supported use case to my knowledge. It may even be an oversight or bug. I don’t have any more information about why and how this could work.

Do I need the VTs on the remote system in both cases?

For the “Greenbone Sensor” case the VTs must be present on the remote system as well, yes.

1 Like