I’m new to openvas. I’m using the community edition for test reasons and have a problem with the os-detection. I’m using openvas in kali linux in a VM on top of VMWare Workstation. I scanned different networks (about 100 Hosts) and I’m getting in many cases (80%) the OS “HP JetDirect” (cpe:/h:hp:jetdirect).
I’ve seen, that for this “ICMP based OS fingerprinting / detection.” (188.8.131.52.4.1.256184.108.40.206002) is responsible.
So I’ve duplicated the “System Discovery” Scan-Config and have disabled the ICMP product detection. I’ve also activated some other OS-Detections. But when I’m now using the new scan config I’m getting the same results. For this I’ve deleted all old data before a new scan with the new config.
In this context I’ve the following questions:
- Why is the OS-Detection in my case so inaccurate (with nmap I’m getting a much better result). What I’m doing wrong?
- Why is the ICMP based OS fingerprinting used in my new scan config. I’ve disabled this kind of detection.