Scan config without trying exploitation

Hi all,

I would like to know if there is a way to configure a scan config to avoid testing any exploits and brute-forcing.

The hosts' credentials are provided. So I would like to test whether installed packages are vulnerable, and also scan services and their versions and, if there is an existing vuln for the version, report it, but without trying to exploit it.

It is because it should be a test for production environments, and I'm worried the server could go down :slight_smile: if it manages to find a working exploit.

Thanks in advance.

The way I see it, you have two options. You can either (1) clone an existing scan configuration and try to remove any tests that you don’t want, or (2) clone the base scan and add the VT that you do want.

To accomplish this, you can access the scan configs from the top menu bar: Configuration -> Scan Configs. From there you can (1) clone the "Full and fast" config and remove scan families that are aggressive, such as "Brute Force Attacks" and "Buffer Overflow" (although there are more), and ensure that "safe_checks" is enabled in the "Edit Scanner Preferences" section, or (2) clone the "Base" scan config and add the "X Local Security Check" VT families and others that specifically apply to your host OS (such as Ubuntu, etc.) and fit your specific needs.

There are other options that you might want to configure when scanning a production server, which are located in the "Edit Scanner Preferences" and "Network Vulnerability Test Preferences" sections of the Edit Scan Config dialog. However, there is no absolute guarantee that a scan will not impact your server.

2 Likes
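The same clone / drop-families / enable-safe_checks steps can be scripted instead of clicked through, which is handy when you want the production config reproducible and reviewable. The block below is an added example, not code from the original thread or from Greenbone: it builds the GMP (Greenbone Management Protocol) requests that the GSA dialog sends to gvmd, using only the Python standard library, so the strings can be passed to `gvm-cli socket --xml '...'` or to `gmp.send_command()` in python-gvm. Assumptions are marked in the comments: the well-known UUID of "Full and fast", the exact family names in your feed, that listing a family with `all=0`/`growing=0` in `family_selection` is equivalent to unticking it in the edit dialog, and that the scanner preference is addressed by the name `safe_checks`. Verify the result afterwards with `get_configs` (family counts and the `safe_checks` value) before pointing the config at production.

```python
"""GMP requests that reproduce the GUI steps: clone a scan config, deselect
aggressive VT families, force safe_checks on.  Stdlib only."""
import base64
import xml.etree.ElementTree as ET

# Assumption: the well-known UUID of the built-in "Full and fast" config.
# Confirm it on your installation with <get_configs/> before relying on it.
FULL_AND_FAST_ID = "daba56c8-73ec-11df-a475-002264764cea"

# Families the reply names as aggressive.  Spelling must match the family
# names in your VT feed (list them with <get_nvt_families/>).
AGGRESSIVE_FAMILIES = ("Brute force attacks", "Buffer overflow")


def clone_config_request(source_id: str, new_name: str) -> str:
    """<create_config> with a <copy> element is GMP's 'Clone', renamed in one go."""
    req = ET.Element("create_config")
    ET.SubElement(req, "copy").text = source_id
    ET.SubElement(req, "name").text = new_name
    return ET.tostring(req, encoding="unicode")


def family_selection_request(config_id: str, families: list, drop: tuple,
                             growing: bool = True) -> str:
    """Re-state the whole family selection for the config.

    Every family in `families` stays fully selected and growing (new VTs in
    the feed are picked up), except those in `drop`, which are listed with
    all=0 / growing=0.  Assumption: that is what GSA sends when a family is
    unticked in the edit dialog.
    """
    req = ET.Element("modify_config", config_id=config_id)
    sel = ET.SubElement(req, "family_selection")
    # Config-level growing: add families that appear in the feed later.
    ET.SubElement(sel, "growing").text = "1" if growing else "0"
    for name in families:
        keep = name not in drop
        fam = ET.SubElement(sel, "family")
        ET.SubElement(fam, "name").text = name
        ET.SubElement(fam, "all").text = "1" if keep else "0"
        ET.SubElement(fam, "growing").text = "1" if keep else "0"
    return ET.tostring(req, encoding="unicode")


def scanner_preference_request(config_id: str, name: str, value: str) -> str:
    """<modify_config><preference>: GMP carries the value base64-encoded."""
    req = ET.Element("modify_config", config_id=config_id)
    pref = ET.SubElement(req, "preference")
    ET.SubElement(pref, "name").text = name  # assumption: "safe_checks"
    ET.SubElement(pref, "value").text = base64.b64encode(value.encode()).decode()
    return ET.tostring(req, encoding="unicode")


def deselected_families(request_xml: str) -> list:
    """Review step: which families does a modify_config request switch off?"""
    root = ET.fromstring(request_xml)
    return [f.findtext("name") for f in root.iter("family")
            if f.findtext("all") == "0"]


def decoded_preference(request_xml: str) -> tuple:
    """Review step: (name, plain-text value) of the preference in a request."""
    root = ET.fromstring(request_xml)
    name = root.findtext("preference/name")
    value = base64.b64decode(root.findtext("preference/value")).decode()
    return name, value


if __name__ == "__main__":
    # Constructed family list for the demo; in practice take it from
    # <get_nvt_families/> so nothing in the feed is silently left out.
    feed_families = ["Brute force attacks", "Buffer overflow",
                     "Debian Local Security Checks", "Web application abuses"]
    print(clone_config_request(FULL_AND_FAST_ID, "Full and fast (prod, no exploits)"))
    # The new config id comes back in <create_config_response id="..."/>.
    new_id = "<id from create_config_response>"
    print(family_selection_request(new_id, feed_families, AGGRESSIVE_FAMILIES))
    print(scanner_preference_request(new_id, "safe_checks", "yes"))
```

Send the three requests in order (the second and third need the id returned by the first), then fetch the new config with `get_configs` including its families and preferences and check that the dropped families show zero selected VTs and `safe_checks` reads `yes`. This only narrows the VT set; as the reply says, it is not a guarantee that a scan cannot disturb a fragile service.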