Closed yippeykeiyay closed 6 years ago
To further test openvas I have now set it up in a Kali Linux installation and run a scan against my metasploitable VM. The openvas scan has found 14 high, 28 medium and 2 low vulnerabilities so clearly there is something wrong either with the docker image or my use of it.
Turns out I wasn't running openvas version 9.
I assumed from the wording in the README (see below) that the command mentioned above would launch version 9, but I was wrong.
# latest (9)
docker run -d -p 443:443 --name openvas mikesplain/openvas
I have run the basic
docker run -d -p 443:443 --name openvas mikesplain/openvas
command to start the container and made sure it fully up to date. However, none of my scans are returning any vulnerabilities.I have setup a local metasploitable2 VM and scanned it, but still no vulnerabilities despite Nessus discovering over 100 vulnerabilities.
I'm a bit of a n00b - is there something I'm missing? Maybe a setting or environment variable that needs setting?