Just installed gvm openvas on the last kali purple update. My scans are going to fast and they are finding basically nothing, not only they show basically a few logs but they don’t show any CVE finds. I’m scaninng networks who have a lot of vulnerabilitys and the y aren’t showing.
The hosts are reacheable as well, even with nmap. I don’t seem to see what’s wrong, the scans just keep going but showing like 2 logs and no CVE’s. But my feeds are updated.
OpenVAS will scan all ports that are specified in the port list and have NVTs for the corresponding port. The default port list is “All IANA assigned TCP”, which has the theoretical port range of 1-65535 (in practise not all of those ports are assigned or have corresponding NVTs).
So if there is a firewall that blocks OpenVAS from accessing those ports on the target machine, it cannot perform the scan properly.
Did you ever find an answer? I have the same scenario after a fresh Kali + Greenbone install. No matter what I do, I dont’ discover any badness, even on machines with lots of unpatched software.
My company has navigation restrictions so I had to ask to not have restrictions to anything related to greenbone and their feeds. I put in my target’s scan configuration the option “Consider alive”
