I’m having a hard time preventing my scanner from following and scanning other, but connected, hostnames.
For example, let’s say I want to execute a scan of target “mydomain”, which is an alias of “maindomain”, which is on IP 220.127.116.11. The webserver will serve a certificate from its IP address with secondary domain names “customer1”, “customer2”.
As it is, the OpenVAS scanner attacks ALL these domains, and not just the single one I want, which is “mydomain”. This behaviour results in my audits scanning too much, taking too long, attacking other customers’ web sites, and the reports/results can be huge.
I have been experimenting with the server config (openvassd.conf) and scan config nvt settings to try to find a way to disable this behaviour, but to no avail!
Am I missing out on something obvious here? Is there a single setting in the config file to disable this, or a single nvt?