Chapter 08: Vulnerability Scanning
This chapter only applies to the Pro Sensors.
Pulse can perform vulnerability scanning of network hosts (assets) using a customized implementation of Open Vulnerability Assessment System (OpenVAS). This un-credentialed vulnerability scan will scan the network or specified network assets for a breadth of vulnerability types and score them based on their criticality.
The implementation of OpenVAS provided for use when performing vulnerability scanning within Pulse has been customized to scan and probe for vulnerabilities considered to be safe to look for without causing disruption to the asset being scanned. As a result of this approach it is important to recognize the type and number vulnerabilities identified will be less than that of what a commercial vulnerability scanner will identify. Enabling the use of the vulnerability scanning functionality within Pulse should not be construed as a solution to replace a commercial vulnerability scanning solution.
Scanning for vulnerabilities can be a time-consuming and intensive process based on the type of targets and the size of the network to be scanned. In Pulse, vulnerability scanning can be configured to scan an individual IP address or an IP range specified in the form or x.x.x.x-x.x.x.y (recommended nothing greater than 250 assets).
Blacklisting targets is done through the Pwnscan configuration, which is applied as iptables rules system-wide.
To perform vulnerability scans in Pulse, add Tasks to scan desired subnets, and turn on the OpenVAS service, as described in the following sections.
Configuring the OpenVAS Vulnerability Scan Task
To ensure proper network and sensor performance, limit frequency of OpenVAS scans as follows:
- A single IP target with a maximum frequency of daily
- Up to 254 hosts (/24 subnet) with a maximum frequency of weekly
If you perform vulnerability scans on multiple subnets, it is strongly recommended to schedule the tasks using multiple, staggered tasks set to run at different times.
Where possible, schedule vulnerability scans for off-hours to minimize any potential network impact.
Adding a New Vulnerability Scan Task
To add a new vulnerability scan task:
- Log into Pulse and open the Tasks tab.
- Click Add Task.
On the New Task page, complete task settings as follows.
Setting Description Name Assign name for Vulnerability Scan Task. Enabled Select to enable the task (required for task to run). Script The Script drop-down will display all Tasks currently in Pulse. Select the Task: Vulnerability Scan: Simple Target Enter the desired target IP (e.g. x.x.x.x) or range (e.g. x.x.x.x-x.x.x.y) to be scanned. Add to Select whether to run this task against a single sensor, or a group of sensors. Starts at Schedule when you want the task to run—default is the current time. Repeats Select whether and how frequently to repeat the task.
- Click Save.
The task begins automatically at the specified start time, and runs against the sensors selected.
Turning On the OpenVAS Service
To turn on the OpenVAS service:
- In the Pulse web application, open the Sensors tab.
- Select the sensor you want to scan.
- On the sensor profile page, open the Services tab.
- Click OpenVAS Service to turn on the service.
After a vulnerability scanning task completes, Pulse presents the vulnerabilities discovered on the Vulnerabilities page of the Assets tab of the web application. The Network Host view on the Assets tab also displays any detected vulnerabilities for individual network hosts on their profile pages.
For details about vulnerability scanning with OpenVAS, see the document
Best Practices – Vulnerability Scanning with OpenVAS in Pulse
© 2023 Outpost24® All rights reserved. This document may only be redistributed unedited and unaltered. This document may be cited and referenced only if clearly crediting Outpost24® and this document as the source. Any other reproduction and redistribution in print or electronically is strictly prohibited without explicit permission.
Outpost24® and OUTSCAN™ are trademarks of Outpost24® and its affiliated companies. All other brand names, product names or trademarks belong to their respective owners.