In GFI LanGuard, a key concern for users is understanding how and where credentials are stored, their accessibility, and the security of these credentials, especially during uninstallation. This article addresses these concerns by explaining the storage location of credentials within the GFI LanGuard system, detailing the encryption and security measures in place to protect them, and outlining what happens to these credentials when GFI LanGuard is uninstalled. The focus is on ensuring that administrators are informed about the security and management of credentials within the LanGuard environment.
Credentials in GFI LanGuard are securely stored in two specific files: "lnss.dta" and, optionally, "lnss_com.dta". These files are located in the C:\ProgramData\GFI\LanGuard 12 folder on the LanGuard server.
It is important to note that the "lnss_com.dta" file might not be present in all installations, and this is normal. Significantly, no credentials are stored on LanGuard agent or relay agent machines, or on any other machines scanned and patched by LanGuard, ensuring centralized and secure storage.
The security of these files is robust. They are encrypted, meaning their contents cannot be understood if opened with standard tools like text editors. This encryption prevents unauthorized access to the contents, even if someone has read or write access to the storage folder. They may be able to delete or copy the files, but the encryption ensures the confidentiality of the credentials.
Upon a clean uninstallation of LanGuard, the entire C:\ProgramData\GFI\LanGuard 12 folder, including the credential files, is deleted. If for any reason this folder remains after uninstallation, administrators can manually delete it for security reasons. However, it is advisable to back up these files before uninstalling LanGuard, especially if there's a plan to reinstall LanGuard and use the same scan results database on a different machine. This backup ensures continuity and security of credential information across installations.