Question on denial of service NVTs


#1

New user here - trying to make friends with OpenVAS and transition off of the big commercial scanners…

Question on denial of service NVTs:
Are these written such that they look for the DoS vulnerability by service, banner, version, etc, but that they do not deliberately trigger the vulnerability?
I looked at the source for one and that seems like what it is doing, but i need to be sure before i include that family in my scanning.

Any advice / help appreciated.

~h~


#2

VTs in the Denial of Service category might look for DoS vulnerabilities based on the reported banner/versions and/or for vulnerabilities trying to actually shut down the remote service with an active DoS attack.

Controlling if VTs which might stop the remote service with an active attack are started against the remote service is done via the safe_checks scanner preference described here:

https://docs.greenbone.net/GSM-Manual/gos-4/en/vulnerabilitymanagement.html?highlight=safe_checks#general-preferences

If this setting is set to yes (e.g. by using the pre-defined Full and Fast or Full and very deep (Not the Ultimate ones)) no VTs which might stop the remote service are scheduled and launched against the target.


#3

Fantastic. Thanks - that helps alot.

so it sounds like the best option is to leave the denial of service family enabled, but then to also enable safe checks, (like the full and fast scan is set by default) so that we get reporting of potential DoS vulnerabilities, but are not likely to tip anything over.

Thanks again for the prompt reply.
~h~