3

I am using OSSIM and I ran a vulnerability scan with OpenVAS. I received feedback that some of our software broke after the scan. We will check the logs to see if the scan caused this, but I was wondering: is OpenVAS an active scanner? What are the risks associated with a tool like that?

RandomSecGuy
  • 1
    Hi there, this question as it stands is a bit broad. OpenVAS can scan actively or passively, and the options you configured to run in the scan change the risks associated with scanning. Can you be more specific about what you did? – Ohnana Apr 07 '16 at 17:07
  • I use the default scan offered by OSSIM. I will try to look at what it includes and edit my post afterwards with the updated information – RandomSecGuy Apr 07 '16 at 17:16

1 Answer

2

With the default configuration OpenVAS will scan actively. It has happened to me sometimes in the past that software crashed while I was scanning it with a vulnerability scanner. In my experience this applies mostly to badly written PHP apps, IoT devices and cheap routers, but of course it can happen with other targets too.

davidb
  • 2
    The default scan says it is a non-destructive scan, but the software that crashes is not built on rock... thanks for the reply :) – RandomSecGuy Apr 07 '16 at 18:29
  • 1
    Non-destructive is always just an estimation. You can never be sure what crashes an unknown system. There is always a risk left... – davidb Apr 07 '16 at 18:41