New scan

Go to Vulnerabilties>New scan.

Create a new task and then execute the scan. You can configure the following parameters:

Field name

Description

Name

A descriptive name to identify the scan

Comments

The optional comment allows specifying background information.

Target

Select a previously configured target from the drop-down-list.

Schedules

Select a previously configured schedule from the drop-down-list

Add target

Add a new target: A target could be a website, web application, server, or network device that you would like to scan for security vulnerabilities

Run once

To launch the scan once

Add schedule

To schedule the job to run at a different time

Add result to assets

Selecting this option will make the systems available to the asset management.

Apply override

The severity of a result can be modified. This is called override. Overrides change the display of the results,

Alterable task

Allows for modification of the task even though reports were already created. The consistency between reports can no longer be guaranteed if tasks are altered.

Min QoD

The minimum specified quality of detection for the addition of the results to the asset database.

Auto delete reports

This option may automatically delete old reports.

Scanner

By default, only the built-in OpenVAS and CVE scanners are supported.

Scan configuration

UTMStack comes with eight pre-configured scan configurations for the OpenVAS scanner

Network source interface

You can choose the source interface for the scan.

Max executed NVTs per hosts

Select the speed of the scan on one host.

Maximum scanned hosts

If many NVTs run simultaneously on a system or more systems are scanned at the same time, the scan may have a negative impact on either the performance of the scanned systems, the network, or the UTMStack appliance itself. These values may be tweaked

1.1Add target

target is a website, web application, server, or network device that you would like to scan for security vulnerabilities

You can define a new scan target as follows:

Name: Choose a descriptive name.

Comment: The optional comment allows specifying background information.

Hosts: Manual entry of the hosts that should be scanned, separated by commas

Exclude Hosts: Manual entry of the hosts that should be excluded from the list mentioned above separated by commas.

Reverse lockup only: Only scan IP addresses that can be resolved into a DNS name.

Reverse lockup unify: If multiple IP addresses resolve to the same DNS name the DNS name will only get scanned once.

Port list: Port list used for the scan. You can add a port list or select them by clicking on the drop-down-list: All TCP, All privileged TCP, etc.

Alive Test: This option specifies the method to check if a target is reachable. Options are:

  • ICMP Ping
  • TCP-ACK Service Ping
  • TCP-SYN Service Ping
  • ICMP & TCP-ACK Service Ping
  • ICMP & ARP Ping
  • TCP-ACK Service & ARP Ping
  • ICMP, TCP-ACK Service & ARP Ping
  • Consider Alive

Credential for authenticated checks: A credentialed scan can recover more details about a host than one without credentials. You can add new credentials and select the port. By default are configured SSH and SMB credentials:

  • SSH Credential: Selection of a user that can log into the target system of a scan if it is a Linux or Unix system. This allows for an authenticated scan using local security checks.
  • SMB Credential: Selection of a user that can log into the target system of a scan if it is a Microsoft Windows system. This allows for an authenticated scan using local security checks.