FAQ

Question left unanswered? Please contact us!

General

What is SERVERWAT.CH Security Scanner?

Why should I use SERVERWAT.CH Security Scanner?

Which security vulnerabilities are found?

How do I start using SERVERWAT.CH Security Scanner?

How often should I scan my servers?

How long does a scan take?

Does a scan affect my server?

Which operating systems are supported?

What does a report look like?

What IP addresses do the scanners use?

OpenVAS

What is OpenVAS?

How does OpenVAS work?



General

What is SERVERWAT.CH Security Scanner?

Most often IT security is not thought about until a problem arises. SERVERWAT.CH Security Scanner helps you to easily scan your servers for vulnerabilities on a regular basis and act on the results without the effort of setting up and maintaining your own scanning infrastructure.

Why should I use SERVERWAT.CH Security Scanner?

In most cases servers are directly connected to the internet and offer services like HTTP, SMTP or SSH. This opens the door to potential security vulnerabilities like bugs in software or configuration errors. SERVERWAT.CH Security Scanner helps you to check your servers for the latest security vulnerabilities on a regular basis and know when it's time to call your admin.

Which security vulnerabilities are found?

OpenVAS uses a database of more than 50.000 network vulnerability tests (NVT), which are divided into families like web application abuses, webservers, databases and microsoft windows bulletins. An NVT is a script to check a remote system for a known vulnerability. Known vulnerabilities are for example the Heartbleed Bug in the popular OpenSSL cryptographic software library or SambaCry, a zero-day vulnerability in Samba.

How do I start using SERVERWAT.CH Security Scanner?

Just do the following steps:

  • Create an account
  • Confirm your email
  • Add a server
  • Choose a scan schedule
  • Verify your server ownership
  • Get notified via email!

How often should I scan my servers?

Unfortunately there is no magic number for how often to run a vulnerability scan. It is a good choice to start with a scan once a week.

How long does a scan take?

This depends on your server and the number of open ports. A fast scan takes usually a few minutes, a slow scan can take up to one hour.

Does a scan affect my server?

Yes and no. Every scan will send a large amount of requests to your server and will create a lot of noise in your log files. But our scans won’t harm your server or disrupt the functionality of services running on your server.

Which operating systems are supported?

Since network services are detected and scanned, all major operating systems are supported.

What does a report look like?

You can download a sample report here.

What IP addresses do the scan servers use?

If you want to filter our scans from your error reporting or want to whitelist our scan servers please use the following list of IP addresses:

  • 85.214.115.33
  • 2a01:238:4227:900:bcf1:e7d2:be53:d751
  • 85.214.149.84
  • 2a01:238:427a:4000:4ce:8aa3:c1d9:b8d6
  • 85.214.47.2
  • 2a01:238:424e:4300:a098:e581:ece8:a87e

OpenVAS

What is OpenVAS?

OpenVAS (Open Vulnerability Assessment System) is a set of tools offering vulnerability scanning and vulnerability management. The development of OpenVAS, which is a fork of Nessus Vulnerability Scanner, started in 2005 after the developers of Nessus changed the license to a proprietary closed source license.

OpenVAS allows you to run several network vulnerability tests (NVT) written in Nessus Attack Scripting Language (NASL), which OpenVAS gets through a public NVT feed. The feed contains more than 50.000 NVTs.

All OpenVAS components are free software and can be downloaded from http://www.openvas.org.

How does OpenVAS work?

OpenVAS will initially perform a port scan to detect open ports on your server. Once open ports are detected, OpenVAS will test them for known vulnerabilities using more than 50000 network vulnerability tests (NVTs). When the scan is done, OpenVAS will generate a report with all details for each finding. The report also contains risk levels and proposed solutions.