Does Full & Fast scan use previous Discovered ports?

Hello,
I have a question regarding the full & fast scan.
In the documentation it says that it uses previous scans to perform better.
I have launched a discovery scan beforehand, but in the openvas.log file we saw that nmap.nasl was running.


Isn’t it suppose to know which ports are open ? Since I already did the discovery scan.
Regards,

Hi, could you add a link for that statement?

1 Like

Yes, here is the link :
10 Scanning a System — Greenbone Enterprise Appliance 21.04.26 documentation

And the part I am refeering to :

Im curious about how the previously gathered information is used.

Thanks for the link.

I might be wrong but information gathered in the previous port scan is meant as the port scan is run at the beginning of the scan with this scan configuration. At least that’s my understanding how a scan with full and fast works.

2 Likes

I can confirm what @bricks has written:

There is never any data shared across multiple scans in the current software / scanner stack. The text is referencing to a port scan which has been started and running in the very same scan.

I see, but isnt that the case for all scans ?
In the scan configs it is only written for Full & Fast.

So it only uses what is launched in this precise scan.
Thanks for the quick reply !

Yes, not sharing any data across any scan is the case for all scan configs.

But AFAICT this text is only part of the “Full and Fast” scan config description because e.g. “Full and Very Deep” is also using a port scanner but doesn’t depend on it’s result and might still launch VTs against some default ports of an application.

For example if port 10000/tcp (for Webmin) wasn’t found to be open during a port scan a scan (e.g. because the port wasn’t included in the uses port list) then:

  • “Full and Fast” won’t detect the application because the port isn’t tested
  • “Full and Very Deep” could detect it because the product detection doesn’t rely on the information gathered in the previous port scan and the port is still tested (because it is defined as the default port for this application in the product detection)

Okay, i see now.
Thanks !

1 Like