How to exclude fs location on Linux from scan

Hi,
I use GCE ( GVM + GSA ) version 21.04. I have to scan some fileservers, and would like to scan only OS part of a server, not file server content. So basically I need to exclude some file system locations ( of whole filesystems ) on linux from scanning.

I tried to find how to setup this but without any results.

Can somebody help?

Regards

@tomislak what you mean? scanner does not scan filesystems. it only fetches package list, if authentication is enabled on scan with working credentials.

Eero

Hi,

I get following error description regarding Adobe Flash :

Detected Adobe Flash Player

Version: 7.0.53.0
Location: /nfsshare/…/c5wyy8dq.slt/plugins/libflashplayer.so
CPE: cpe:/a:adobe:flash_player:7.0.53.0

Concluded from version/product identification result:
7.0.53.0

I would like to exclude this location “/nfsshare”.

Regards

@Eero

The scanner (or more exactly the VTs started by it) are for sure doing more then just fetching package lists if authentication is enabled. This includes searching for specific files / binaries to detect software which hasn’t been installed via the package manager.

@tomislak

There are a few settings available in the preferences of the following VT (you can change these by cloning the used scan config and following the instruction in 10 Scanning a System — Greenbone Enterprise Appliance 21.04.19 documentation):

Name: Options for Local Security Checks
OID: 1.3.6.1.4.1.25623.1.0.100509

namely with the following preference:

Folder exclusion regex for file search on Unixoide targets

The following might be also related:

Descend directories on other filesystem (don’t add -xdev to find)