So openvas-check-setup looks for a file named /etc/openvas/openvassd.conf. If there is not one there, it will use the default settings. I've successfully gotten openvas-check-setup to read customized settings by making my own file:
Code:
# OpenVAS Security Scanner, Debian default configuration file
#
# Empty lines and those starting with '#' are ignored.
# Directory where plug-ins are to be found
plugins_folder = /var/lib/openvas/plugins
# Path to OpenVAS caching folder:
cache_folder = /var/cache/openvas
# Path to OpenVAS include directories:
# (multiple entries are separated with colon ':')
include_folders = /var/lib/openvas/plugins
# E-mail address of the admin
#email = root
# Maximum number of hosts
max_hosts = 1
# Number of plugins that will run against each host,
# i.e. simultaneous tests
# Total number of processes will be max_checks x max_hosts
max_checks = 1
# File used to log activity. Set it to 'syslog' if you want to use syslogd.
logfile = /var/log/openvas/openvassd.messages
# Log every detail of the attack in openvassd.messages
# If disabled only the beginning and end are logged, and
# not the time each plugin takes to execute
log_whole_attack = no
# Log the name of the plugins that are loaded by the server
log_plugins_name_at_load = no
# Dump file for debugging output, use `-' for stdout
dumpfile = /var/log/openvas/openvassd.dump
# File that contains rules database that apply to all users
#rules = /etc/openvas/openvassd.rules
# Users database file
#users = /etc/openvas/openvassd.users
# CGI paths to check for (cgi-bin:/cgi-aws:/ can do)
cgi_path = /cgi-bin:/scripts
# Optimize the test
optimize_test = yes
# Read timeout (in seconds) for the sockets of the tests
# Increase this value if running on a slow network link (dialup)
checks_read_timeout = 5
# Delay (in seconds) to pass for between two tests against the same port
# (to be inetd friendly)
#delay_between_tests = 1
# Maximum time to wait for a plugin to execute
plugins_timeout = 320
# Do not run simultaneous ports for these tests.
# Default value: non_simult_ports = 139, 445
# This setting is necessary for reliable scans of Microsoft Windows targets.
non_simult_ports = 139, 445
# Range of the ports that port scanners will scan
#port_range = default
# Only test the IPs that can be reversely looked up?
#reverse_lookup = no
# Host expansion:
# dns: performs and AXFR on the remote name server
# and test the host obtained
# nfs: test hosts that have the right to mount the
# filesystems exported by the remote host
# ip: scan the entire subnet
#host_expansion = dns;ip
# Use the MAC address as host identifier (useful in
# local LANs with dynamic addresses, e.g. DHCP)
# use_mac_addr = yes
# Slice the network IPs into portions and rotate them
# between scanning each slice. Instead of the (default)
# behaviour of scanning a network incrementally.
# slice_network_addresses = yes
# Enable plugins that are depended on
auto_enable_dependencies = yes
# Enable safe checks (this overrides the client's configuration)
# safe_checks = yes
# Public key client server encryption (crypto options)
#force_pubkey_auth = yes
# Define SSL version, use NONE to disable SSL
# ssl_version = 3
# Full path and filename of a trusted certificate authority
# see /usr/share/doc/openvas/README_SSL.gz
# trusted_ca =
# SSL Ciphers to use
# The following removes all SSLv3 ciphers except RC4.
# This has been implemented to workaround an OpenSSL 0.9.8
# bug, for more information please read
# http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=338006
# and
# http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=343487
# ssl_cipher_list = SSLv2:-LOW:-EXPORT:RC4+RSA
# NASL scripts cryptographic checks of some plugins (trusted
# scripts). OpenVAS will refuse to load and execute trusted
# scripts that are not signed. Use extreme caution when
# setting this to 'yes'
nasl_no_signature_check = yes
# Set this to 'yes' if you want each child to be nice(2)d
be_nice = yes
# End of /etc/openvas/openvassd.conf file.
However, I was a little disappointed to discover that the setting I was interested in using (max_hosts - same as axtronic) only applies to each individual scan, not all of the scans that are running/queued:
http://lists.wald.intevation.org/pip...st/006678.html
I haven't found a way to control how many Tasks will be executed simultaneously, which is why I've got the number of checks per host also set to 1 :\.