Windows Authenticated Scans (logs and results)

Hi All,
we’re doing an authenticated scan on Windows hosts with GVM (version 20.08.1). The GVM was built from source (below you can find the details).

We have performed, on the same Windows hosts, an unauthenticated scan.
The results we obtained are very strange: we discovered more vulnerabilities on the hosts using an unauthenticated scan than the one with authentication. How this is possible?

Also, we were unable to find any log about the successfull or unsucsessfull auth of the user (we are talking about the user we used to perform the authenticated scans) in the GVM logs. Where we can find this infos? In which log file?

Thanks a lot

GVM versions

gsad: Greenbone Security Assistant 20.08.1~git-5069ee8d2-gsa-20.08
gvmd: Greenbone Vulnerability Manager 20.08.1~git-7a247dbeb-gvmd-20.08
openvas-scanner: OpenVAS 20.8.2
gvm-libs: gvm-libs 20.8.2~git-aa3bba16-gvm-libs-20.08

Environment

Operating system: Ubuntu Focal Fossa 20.04.2 LTS
Kernel: 5.4.0-72-generic #80-Ubuntu SMP Mon Apr 12 17:35:00 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux
Installation method / source: GIT revision 7a247dbeb-gvmd-20.08

The following topic below has quite throughout information around this topic.

1 Like