Scan EC2 instance over AWS

rsandhya · March 9, 2021, 5:46am

Hi all,
My OpenVAS tool is running over AWS, now I need to scan EC2 instances.
When I tried to scan I got empty report, response is as below,
The report is empty. This can happen for the following reasons:

The target hosts could be regarded dead.
You could change the Alive Test method of the target. However, if the targets are indeed dead, the scan duration might increase significantly. (Click here to edit the target)
is there something else I need to follow?
Please help me with target configuration steps.

Thank you

Shaheed · March 10, 2021, 9:35am

Forgive me asking the obvious: did you configure your AWS firewalls (“Security Group”) to allow the scanning?

rsandhya · March 10, 2021, 11:10am

For now I am able to access OpenVAS installed over AWS from browser (opened 443 port in firewall). if this port is not enough which port do I need to open for scanning?

Thank you

bricks · March 10, 2021, 5:23pm

Sorry to be harsh but you should do some research about what a vulnerability manager tool and scanner is supposed to do if you write such a question.

Shaheed · March 10, 2021, 6:58pm

As @bricks mentioned you will need to look into what exactly you want to achieve. I’m a noob when it co es to gvm!

My answer was really prompting you to look at the virtual networking since, compared to a typical LAN, all sorts of limits are imposed by default. You’ll also likely need to refresh your knowledge on internal and external addressing. Good luck.