Is there a quick way to disable all scan types which are considered intrusive? Things like:
- SQL Injection attacks
- Default passwords
- Any kind of brute force attack
- Any scan that actively exploits a vulnerability
I’m OK with having a lower confidence in the scan results. What I can’t do is run a scan that actively exploits a detected vulnerability just to get a 100% confidence in the scan results.
GVM currently doesn’t provide a way to disable such VTs (these would be the ones in the ACT_ATTACK or higher category) besides searching for them on the file system and de-selecting them one by one in the scan config, which probably isn’t a task you want to do.
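The file-system search mentioned in the reply above, sketched as an added example that is not part of the original thread and not Greenbone's own tooling. It assumes VTs are `.nasl` files that declare `script_category(...)` and `script_oid(...)`, and that the category ordering listed in the code matches your scanner; the function names, stub files and OIDs are constructed for the demo.

```python
import re
import tempfile
from pathlib import Path

# Assumption: NASL category names in the scanner's ascending order; check them
# against the installed scanner version before relying on the result.
CATEGORIES = ["ACT_INIT", "ACT_SCANNER", "ACT_SETTINGS", "ACT_GATHER_INFO",
              "ACT_ATTACK", "ACT_MIXED_ATTACK", "ACT_DESTRUCTIVE_ATTACK",
              "ACT_DENIAL", "ACT_KILL_HOST", "ACT_FLOOD", "ACT_END"]
# "ACT_ATTACK or higher"; ACT_END is left out on the assumption that it marks
# end-of-scan housekeeping rather than an attack.
INTRUSIVE = set(CATEGORIES[CATEGORIES.index("ACT_ATTACK"):CATEGORIES.index("ACT_END")])

CAT_RE = re.compile(r"script_category\(\s*(ACT_[A-Z_]+)\s*\)")
OID_RE = re.compile(r"script_oid\(\s*[\"']([\d.]+)[\"']\s*\)")
COMMENT_RE = re.compile(r"(?m)^\s*#.*$")

def find_intrusive(feed_dir):
    """Return sorted (oid, category, filename) for every intrusive VT found."""
    hits = []
    for path in Path(feed_dir).rglob("*.nasl"):
        # Drop whole-line comments so a commented-out category is not matched.
        text = COMMENT_RE.sub("", path.read_text(encoding="latin-1"))
        cat = CAT_RE.search(text)
        if cat is None or cat.group(1) not in INTRUSIVE:
            continue
        oid = OID_RE.search(text)
        hits.append((oid.group(1) if oid else "unknown", cat.group(1), path.name))
    return sorted(hits)

def build_sample_feed(root):
    """Write constructed .nasl stubs (not real feed files) for the demo."""
    stubs = {
        "gather.nasl": 'script_oid("1.3.6.1.4.1.99999.0.1");\nscript_category(ACT_GATHER_INFO);',
        "sqli.nasl": 'script_oid("1.3.6.1.4.1.99999.0.2");\n  script_category( ACT_ATTACK );',
        "dos.nasl": 'script_oid("1.3.6.1.4.1.99999.0.3");\nscript_category(ACT_DENIAL);',
        "old.nasl": 'script_oid("1.3.6.1.4.1.99999.0.4");\n# script_category(ACT_ATTACK);\n'
                    'script_category(ACT_GATHER_INFO);',
    }
    for name, body in stubs.items():
        Path(root, name).write_text(body + "\n", encoding="latin-1")

def demo():
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_feed(tmp)
        return find_intrusive(tmp)

if __name__ == "__main__":
    for oid, category, name in demo():
        print(f"{oid}\t{category}\t{name}")
```

Pointing `find_intrusive` at the directory that holds your feed's `.nasl` files gives the list of OIDs to de-select in the scan config.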
So the intrusive VTs are enabled by default? Is there a scan config that has them already disabled? Turning them off individually would be very tedious.
Is there a way to lock a scan config once created such that new VTs aren’t automatically added to it? The idea would be to create a scan config with all invasive VTs turned off, but where I could manually add new VTs monthly or weekly after screening the invasive ones out.
You can set the Trend of a scan configuration from dynamic to static so that new VTs are not getting automatically added to it. The related documentation about this can be found here: