Vulnerability assessments? #803
Replies: 1 comment 6 replies
-
|
Hey, great idea, can you help me implement it (NMAP is already available to scan for open ports)? I regrettably don't have the bandwidth in the next few months probably. You can check the plugins development guide and video guide to get you started: https://github.com/jokob-sk/NetAlertX/blob/main/docs/DEV_ENV_SETUP.md
Wec ould start to have a scheduled scan as MVP and then look at expanding the use cases. |
Beta Was this translation helpful? Give feedback.
-
|
I'd keep the two plugins separate, so people can opt in the scans separately and configure the frequency according to their needs. I'm happy to help getting you started. Not sure if you watched the video, but starting out from the boilerplate is pretty straightforward, I think. You can of course copy over the code from an existing plugin and adjust the code - that's pretty much what I do half of the time. Have a look and I'm happy to help :) |
Beta Was this translation helpful? Give feedback.
-
|
If I may suggest: you might want to add a warning on the plugins instructions config page that it you start to portscan you might need to whitelist your netalertx device with your firewall/antivirus software or you might lose connection... For instance, bitdefender will block all traffic from an IP running a portscan like nmap. (can be super annoying when you firewall is the one doing the scan as you get kicked out from the internet and can't even google what's happening from any of your PC! ) |
Beta Was this translation helpful? Give feedback.
-
|
Sure if i get around to doing this (i don't have much time on my hands atm) i can do that, but i would hazard a guess that people who are running a vuln scanner on their own network will probably understand how intrusive they can sometimes be. |
Beta Was this translation helpful? Give feedback.
-
|
I've been thinking about writing a plugin for exactly this purpose but instead of OpenVAS etc. I'd go with Nuclei. Way more light-weight. Let's see what I can come up with with a little help from chatgpt. |
Beta Was this translation helpful? Give feedback.
-
|
Thanks in advance! |
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
-
Has any thought been put into adding some kind of integration with a vulnerability scanner such as Greenbone Security Assistant or OpenVAS.
A great use-case would be upon a new device being detected, much like having nmap check for its open ports, it could be sent a request to GSA/OpenVAS to run a quick non authenticated scan of the device to make sure it isn't introducing risk to your network with vulnerable services etc . (as well as instructing it to run a full scan every day/week or whatnot)
thoughts?
Beta Was this translation helpful? Give feedback.
All reactions