How to determine the timeout for an OpenVAS scan

victor.sanchez · October 29, 2020, 11:16am

GVM versions

gsa: 8.0.1
gvm: 8.0.1
openvas-scanner: 6.0.1
gvm-libs: 10.0.1

Environment

Operating system: Arch Linux
Kernel: 5.2.14-arch2-1-ARCH
Installation method / source: pacman

################################################################################

Dear all,

Is there any way to determine the timeout for an OpenVAS scan?

I have read the following chapter regarding individual NVT timeout, but I am looking for an “overall” timeout.

Is scanner_plugins_timeout the value I am looking for?

Thank you for your answers

victor.sanchez · October 29, 2020, 11:42am

I have found the following:

<preference>
    <nvt oid="">
        <name/>
    </nvt>
    <hr_name>scanner_plugins_timeout</hr_name>
    <name>scanner_plugins_timeout</name>
    <type/>
    <value>36000</value>
    <default>36000</default>
</preference>

<preference>
    <nvt oid="">
        <name/>
    </nvt>
    <hr_name>plugins_timeout</hr_name>
    <name>plugins_timeout</name>
    <type/>
    <value>320</value>
    <default>320</default>
</preference>

Therefore I am assuming my installation has an overall scan timeout of 10 hours and a 320 seconds timeout for each one of the NVTs.

Is this information correct?

Thank you.

jjnicola · October 30, 2020, 4:21pm

The scanner preference scanner_plugins_timeout doesn’t set the overall scan timeout. It is for plugins which belongs to the ACT_SCANNER category.

The scan duration depends on many factors, like amount of host in the target, if it includes the UDP ports, but also depends on the target. If there is a firewall in front of the target closing the ports detected as open, each plugin will run until it timeouts.
There are some option which can speed up the scan in case a port has been closed during the scan, like open_sock_max_attempts

You can check this in the Openvas manpage.