we own greenbone for a few months, our maintainer is in vacation, so i have a question as representative of our main person.
We use greenbone to scan our internal network for weaknesses.
We have 2 proxies on which portmapper services are offered. These services are external IPs and do not belong to our network. We have to make sure our scan is not reaching out for those external IPs. So should i create new portlists/scantargets to disallow specific ports or do we have an other option to not scan through proxy external targets?
thank you for your answer. I try to be more precise.
problem is solveable by creating scanlists and targets, but i try to avoid this. basically we want scan complete internal networks without exceptions. I believe it is a task on part of the clients to protect themselves and not creating exceptions in greenbone.
From my point of view, the configuration becomes more unclear and confusing with every exception. A lot of configuration parts are not editable, they have to be cloned and combined to new tasks. So i have to exclude my proxies from our maintarget and create individual targets/lists/tasks for every exception. I don’t like that, and the configuration options aren’t really geared towards it.
So my question is would greenbone stop scanning if it detects a proxy with services delivered by an external IP?
I still don’t understand the question, even though I’m a network engineer. OpenVAS scans all IP addresses and services that are defined for it. If this proxy is some kind of NAT port‑forwarding setup, it doesn’t concern itself with where the traffic ultimately ends up. The configuration can admittedly be confusing for beginners; personally, I use the API interface directly and don’t even touch the web UI