Good Afternoon
I would like to know:
-
Whether OpenVAS can differentiate between a non-existent IP and one which blocks traffic from the OpenVAS server.
-
OpenVAS often reports that an older (vulnerable) version of an application is running on a server, but I guess the current test do not determine whether the setup is vulnerable. Will a more in depth test (that comes with some risks) be able to indicate whether the system is indeed vulnerable or not?