About test_alive_hosts_only


First of all, I want to use the “test_alive_hosts_only” option but it says in the release notes that it is experimental. Is it still experimental?

And secondly, does this option use the options that we select for the alive test (like “Do a TCP Ping”)?


If the release notes say it is experimental it is experimental until stated otherwise.

Experimental means it didn’t get enough testing for declaring it stable. You could use it but be careful that you might get unexpected behavior.


Experimental also means: If you ask support about a problem you found, we will ask you to switch the experimental feature off. This is because we haven’t got enough experience with this features.

Otherwise you are free to use the feature, it’s faster then the old alive tests and offers the same settings (ICMP, ARP, etc.)


what is the difference between the test_alive_hosts_only parameter and the alive_test = CONSIDER_ALIVE that i can set in create_target?

test_alive_hosts_only is a setting for the openvas scanner application to use our new alive host detection. It is a global setting and can only be changed via the config file. This new alive host detection is run before all nasl scripts. Only as alive detected hosts will be tested for vulnerabilities.

The consider alive option is a scanner parameter and therefore can be set for each scan. It just deactivates all alive host detection and runs all vulnerability tests against all specified target hosts. No matter if they are available or not.

So you can imagine that a fast and reliable alive host detection is crucial for the speed of a vulnerability test and that’s what you get with the new but still experimental alive detection.