VA results not seemingly aligned with ports opened

duplicate

#1

Hi everyone,

So I am having a bit of confusion.

I’ve been doing VA scans, and at some point I found out that my results are very… little. Sure, fewer vulnerabilities are good, but… I was expecting more.

What I meant was, I was expecting to see several vulnerabilities, however the completed scan only highlighted a few.

The host, from netstat, shows way more ports than OpenVAS could report.

And I did the default full and fast scans, you can be sure I wasn’t playing with the scan config.

And I also did nmap on the host, which did show a pretty good reflection of the netstat.

But one could also argue perhaps, those ports aren’t a security issue so it wasn’t in the report.

Can anyone shed some light on this?

Cheers!


#2

Hi,

the same answer as given in the thread below should be valid here as well.

Unfortunately this is a question no one can answer for you without having knowledge of / deep insights into your scanned environment. The amount of results for a scan highly depends on various factors like:

  1. exposed and identified services, applications
  2. existing vulnerabilities within these services/applications
  3. coverage of 1. and 2. within the feed
  4. the chosen port list (e.g. All TCP vs. nmap top 1000) assigned to your task / target

OpenVAS 8 Only 25 Results

I’m closing this thread as a duplicate of the linked topic above.
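
An added example, not part of the thread or of OpenVAS itself: one way to check factor 4 is to compare the host's listening sockets against the port list assigned to the scan target. The netstat output below is constructed, the function names are hypothetical, and the port list is assumed to be written as a `T:`/`U:` range string.

```python
import re

# Constructed sample of `netstat -tuln` output from the scanned host (not from the thread).
NETSTAT_SAMPLE = """\
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:5432          0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:8443            0.0.0.0:*               LISTEN
tcp6       0      0 :::49152                :::*                    LISTEN
udp        0      0 0.0.0.0:161             0.0.0.0:*
udp        0      0 127.0.0.53:53           0.0.0.0:*
"""

LOOPBACK = re.compile(r"^(127\.|::1$)")

def parse_port_list(spec):
    """Parse a 'T:1-1024,8443,U:53,161' range string into {proto: [(lo, hi), ...]}."""
    ranges, proto = {"tcp": [], "udp": []}, "tcp"  # bare numbers default to TCP
    for item in spec.replace(" ", "").split(","):
        if item[:2].upper() in ("T:", "U:"):
            proto = "tcp" if item[0].upper() == "T" else "udp"
            item = item[2:]
        if not item:
            continue
        lo, _, hi = item.partition("-")
        ranges[proto].append((int(lo), int(hi or lo)))
    return ranges

def listening_sockets(netstat_text):
    """Yield (proto, address, port) for TCP LISTEN and bound UDP sockets."""
    for line in netstat_text.splitlines():
        f = line.split()
        if len(f) < 5 or not f[0].startswith(("tcp", "udp")):
            continue  # header or unrelated line
        if f[0].startswith("tcp") and f[-1] != "LISTEN":
            continue
        addr, _, port = f[3].rpartition(":")
        yield f[0][:3], addr, int(port)

def coverage_gaps(netstat_text, spec):
    """Return (reachable ports missing from the port list, loopback-only ports)."""
    ranges = parse_port_list(spec)
    missing, local_only = [], []
    for proto, addr, port in listening_sockets(netstat_text):
        if LOOPBACK.match(addr):
            local_only.append((proto, port))  # a network scan cannot reach these
        elif not any(lo <= port <= hi for lo, hi in ranges[proto]):
            missing.append((proto, port))
    return sorted(missing), sorted(local_only)

if __name__ == "__main__":
    print(coverage_gaps(NETSTAT_SAMPLE, "T:1-1024,3306,5432,U:53,161"))
```

Ports in the first list are never probed with that port list, so no results can appear for them; ports in the second list show up in netstat but are not exposed to a remote scanner.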

