I am writing to seek for advices on tuning the OpenVAS software for better performance.
The OpenVAS version I am using is 9, and most of the target systems run Linux.
The scanning environment is roughly like this :
- the firewalls of the OpenVAS host and the target systems are configured to allow all packets from each other;
- only one target system is scanned at a time;
- in each scan, all ports (TCP 1-65535, UDP 1-65535) are scanned, and the scan mode is “Full and very deep ultimate”.
With these settings, it is found that each scan takes very long to complete (12-14 hrs). The progress bar looks frozen at “1%” for many hours.
If the scans are repeated with the “scanner_plugins_timeout” value reduced from the default “36000” to “9000”, then the scans can run faster (6-7 hrs to complete) and the results show no significant
I would like to ask : is there an “optimal” choice for the timeout value which can shorten the run time without sacrificing the scan quality ?