Host names and OS are not resolved for optimized scan

Hi all,

The goal is to create a scan that:

  1. Identifies the host name
  2. Identifies OS version (usually Windows)
  3. Checks only for a specific (SMB) Vulnerability
  4. Is really fast

Q: I partly meet my goal: host names and OS are not resolved. So I get the ip’s, get the vulnerability (or not), but host names and OS are not resolved.

I have managed to do this by doing the following

  1. Created a scan target for the /24 subnet
    I have configured on the “Port List” only TCP port 445 to be checked (for speed, not to check all TCP ports)

  2. I have “cloned” the "system discovery " scan config and included the 2 vulnerability related NVT’s for the vulnerability I need to check. That works well.

  3. I then create a new task, using the scan target and the scan config.

Result is that I get the report that the host has the vulnerability but not the OS and host name.

Any ideas what more should I enable?

As this question is not related to Vulnerability Tests itself but about the scan config in use i have moved this topic to the “Source Edition” category for now.

To answer the initial question try to add the following two VTs to your scan configuration which should give you the expected results:

Host Details - OID: 1.3.6.1.4.1.25623.1.0.103997

OS Detection Consolidation and Reporting - OID: 1.3.6.1.4.1.25623.1.0.105937

Please allow WMI port as well !