ReportsScan OptionsAccess RulesKnowledge Base

Knowledge Base

The configuration section for the Knowledge Base (KB) allows you to control the management of the server-side scan results. Information retrieved by plugins is collected in a KB during a scan. This is done on a per-host basis, meaning there is one KB for every host scanned. The default is to discard the KB once all plugins have finished, but under certain circumstances it can be quite useful to tell the server to keep the KBs generated during the scan and use them again at a later time.

The following options are available to control KB handling:

Enable KB saving
If you want the server to save the KB after the scan is done, you have to enable this option.
Test all hosts
If this option is set, the server will not use the KB to determine which hosts should be scanned, but will rather scan all hosts supplied.
Only test hosts that have been tested in the past
If KB saving is enabled, there is one KB saved on the server for every host the server has scanned in the past. This can be used to restrict the server to scan only hosts that have been scanned before. This might be useful if you want to keep an eye on a certain set of machines and their configuration. Be aware that this setting might cause you to miss new hosts on the network since the server will not scan them.
Only test hosts that have never been tested in the past
Another way of using the existence of KBs is to exclude all hosts that have already been scanned. This way a scan will automatically discover hosts that have been added to the network since the last scan. Be aware that this setting cause hosts to be scanned only once (the first time they appear on the network), meaning you will not discover security issues that have recently developed or are only detected by new NVTs.
Reuse the knowledge bases about the hosts for the tests
This setting controls if the server should restore the KB that was saved for this host during the last scan. The default behavior is to create a new KB every time a host is scanned and to replace an existing KB with the new results.
Do not execute scanners that have already been executed
If the server has been instructed to reuse the existing KB, this will prevent scanning plugins from running if their results have already been recorded in the KB.
Do not execute info gathering plugins that have already been executed
If the server has been instructed to reuse the existing KB, this will prevent information gathering plugins from running if their results have already been recorded in the KB.
Do not execute attack plugins that have already been executed
If the server has been instructed to reuse the existing KB, this will prevent attack plugins from running if their results have already been recorded in the KB.
Do not execute DoS plugins that have already been executed
If the server has been instructed to reuse the existing KB, this will prevent denial-of-service (DoS) plugins from running if their results have already been recorded in the KB.
Max age of a saved KB
This setting controls the maximum age of the KB (in seconds). A KB older than this value is automatically discarded.

ReportsScan OptionsAccess RulesKnowledge Base