Hey Guys,

I've been doing a bit of testing for my POC and have come to a good place. I wanted to put out the question of vulnerability scanning. I know that most vendors aren't going to support KaOS, but I did find that OpenVAS can scan Arch as a generic Linux CPE. I guess my question is whether anyone has done a scan against KaOS, and whether it identifies as Arch when scanned?

I'll answer the question myself eventually when I get OpenVAS built and running, but sometimes asking can answer questions you don't know you have.

9 days later

Update

If you're required to do any vulnerability scanning or need a scanner that will actually perform a scan against KaOS, OpenVAS is capable of performing an assessment for you. Nessus will label the OS unsupported and end the scan regardless of credentialed or non-credentialed scanning.

In order to perform a proper scan against KaOS you'll need to ensure you configure either the "Full and Deep Scan" or "Full and Ultimate scan" configuration. This will allow the scan to index the filesystem for installed applications and versions. Pacman is not checked for maintaining a package database, but this typically is not scored in an audit assessment so long as an inventory list can be generated (which is why Ultimate or Deep is required).

Compliance scanning is possible as well. I recommend following CIS Distribution Independent Linux if required. You'll need to configure OpenVAS for a CIS scan, which can be done through: https://docs.greenbone.net/GSM-Manual/gos-4/en/compliance.html

I did not install OpenVAS on KaOS but rather ran my scan through a VM. Building OpenVAS on KaOS proved difficult.
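The update above notes that the audit is satisfied as long as an inventory list of installed software can be generated, and the first post mentions that the scanner matches Arch-based hosts as a generic Linux CPE. The script below is an added example, not code from the original thread or from the OpenVAS/Greenbone project: it turns the output of `pacman -Q` (the package name and full pacman version per line) into a CPE 2.3 inventory that can be handed to an auditor or cross-checked against scanner findings. The `pacman -Q` sample is constructed; the assumptions are that the vendor field is unknown (so it is left as `*`), and that the upstream `pkgver` is what a CPE-based scanner should match on, so the Arch epoch and `pkgrel` are parsed out and recorded separately rather than folded into the CPE version.

```python
"""Convert `pacman -Q` output into a CPE 2.3 software inventory (added example)."""
import re
from dataclasses import dataclass

# Constructed sample of `pacman -Q` output: "<name> <[epoch:]pkgver-pkgrel>" per line.
SAMPLE_PACMAN_Q = """\
bash 5.2.026-2
openssl 3.3.1-1
libxml2 2.13.1-1
python 3.12.4-1
mesa 1:24.1.3-1
linux 6.9.9.arch1-1
"""

# pacman version grammar: optional "epoch:", upstream pkgver (never contains '-'),
# then "-pkgrel" where pkgrel is a number with an optional ".sub" part.
PACMAN_VERSION = re.compile(
    r"^(?:(?P<epoch>\d+):)?(?P<pkgver>[^-]+)-(?P<pkgrel>\d+(?:\.\d+)?)$"
)

# Characters that may appear unescaped in a CPE 2.3 formatted-string component.
_CPE_SAFE = re.compile(r"[A-Za-z0-9._-]")


def cpe_escape(value: str) -> str:
    """Backslash-escape every character CPE 2.3 does not allow unquoted."""
    return "".join(c if _CPE_SAFE.match(c) else "\\" + c for c in value)


@dataclass(frozen=True)
class Package:
    name: str
    epoch: str    # "0" when pacman shows no epoch
    pkgver: str   # upstream version, the part a CPE-based scanner matches on
    pkgrel: str   # Arch packaging release, kept for the audit trail only

    def cpe(self) -> str:
        # Vendor is unknown for a generic inventory, so it stays '*'.
        return f"cpe:2.3:a:*:{cpe_escape(self.name)}:{cpe_escape(self.pkgver)}:*:*:*:*:*:*:*"

    def csv_row(self) -> str:
        return f"{self.name},{self.epoch},{self.pkgver},{self.pkgrel},{self.cpe()}"


def parse_pacman_q(text: str) -> list:
    """Parse `pacman -Q` output into Package records; reject lines we cannot interpret."""
    packages = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        name, _, version = line.partition(" ")
        match = PACMAN_VERSION.match(version)
        if not name or not match:
            raise ValueError(f"unparseable pacman -Q line: {raw!r}")
        packages.append(
            Package(name, match["epoch"] or "0", match["pkgver"], match["pkgrel"])
        )
    return packages


def inventory_cpes(text: str) -> list:
    """One CPE 2.3 string per installed package, in pacman order."""
    return [p.cpe() for p in parse_pacman_q(text)]


def inventory_csv(text: str) -> str:
    """CSV inventory (name, epoch, pkgver, pkgrel, cpe) suitable for an audit evidence file."""
    header = "name,epoch,pkgver,pkgrel,cpe"
    return "\n".join([header] + [p.csv_row() for p in parse_pacman_q(text)])


if __name__ == "__main__":
    # On a live host: python3 inventory.py < <(pacman -Q). Here we use the constructed sample.
    print(inventory_csv(SAMPLE_PACMAN_Q))
```

Reading from `pacman -Q` on the host and keeping the epoch and `pkgrel` columns next to the CPE gives the auditor both the raw package state and the form the scanner reasons about, which makes it straightforward to explain a finding where the scanner's generic CPE match and the actual installed package disagree.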