VA results not seemingly aligned with ports opened

Hi everyone,

So I am having a bit of confusion.

I’ve been doing VA scans, and at some point I found out that my results are very… Little. Sure, less vulnerabilities are good, but… I was expecting more.

What I meant was, I was expecting to see several vulnerabilities, however the completed scan only highlighted a few.

The host, from netstat, shows way more ports than the Openvas could report.

And I did the default full and fast scans, you can be sure I wasn’t playing with the scan config.

And I also did nmap on the host, which did show a pretty good reflection of the netstat.

But one could also argue perhaps, those ports aren’t a security issue so it wasn’t in the report.

Can anyone shed some light on this?



the same answer as given in the thread below should be valid here as well.

Unfortunately this is a question no one can answer you without having knowledge of / deep insights into your scanned environment. The amount of results for a scan highly depends on various factors like:

  1. exposed and identified services, applications
  2. existing vulnerabilities within this services/applications
  3. coverage of 1. and 2. within the feed
  4. the chosen port list (e.g. All TCP vs. nmap top 1000) assigned to your task / target

OpenVAS 8 Only 25 Results

I’m closing this thread as a duplicate of the linked topic above.