Phone Lines icon GFI Support Home

Articles in this section

See more

Configuring Vulnerabilities with Scanning Profile Editor

Author: Andriy Rybalchenko Updated

Overview

The Scanning Profile Editor Vulnerability Assessment Options tab allows you to configure which Microsoft or non-Microsoft and Security or non-Security updates are checked when LanGuard is scanning targets with the selected profile.

This eliminates the need to acknowledge or ignore specific patches from the Dashboard individually and manually since they would not be detected during scanning with this customized Scanning Profile.

 

Solution

Enabling Vulnerability Scanning

Vulnerability scanning can be enabled or disabled (if your goal is network and software auditing only) in any Scanning Profile:

  1. Launch LanGuard console and go to Configuration > Scanning Profile Editor. Alternatively, press CTRL + P to launch the editor.
  2. Go to Vulnerability Assessment Options > Vulnerabilities.
  3. Select the Scanning Profile to customize from the left pane under Profiles.
  4. In the right pane, select Enable Vulnerability Scanning.

mceclip0.png

Vulnerability scanning is configured on a Scanning Profile level. If this option is not selected in a particular profile, no vulnerability tests will be performed in the security audits carried out by this scanning profile.

 

Customizing the List of Vulnerabilities to Be Scanned

To specify which vulnerabilities will be enumerated and processed during a security audit:

  1. Launch LanGuard console and go to Configuration > Scanning Profile Editor.
  2. Go to Vulnerability Assessment Options and select the Scanning Profile to customize from the left pane under Profiles.
  3. In the right pane, select the vulnerability checks to execute through this Scanning Profile.

    2019-09-13_20-10-03.png

 

Customizing Vulnerability Checks Properties

All the checks listed in the Vulnerabilities tab have specific properties that determine when the check is triggered and what details will be enumerated during a scan.

  1. Right-click on the vulnerability to customize, select Properties.
  2. Customize the selected vulnerability check from the tabs described below:

    mceclip1.png

    Tab

    Description

    General

    Use this tab to customize general details, including vulnerability check name, vulnerability type, OS family, OS version, product, timestamp, and severity.

    Conditions

    Use this tab to configure the operational parameters of this vulnerability check. These parameters will define whether a vulnerability check is successful or not.

    Description

    Use this tab to customize the vulnerability check description.

    References

    Use this tab to customize references and links that lead to relevant information in the OVAL, CVE, MS Security, Security Focus, and SANS TOP 20 reports.
  1. Click OK to save your changes.

 

Setting up Vulnerability Check Conditions

The Conditions tab enables you to add or customize conditions, which define whether the computer or network being scanned is vulnerable or not.

WARNING: It is, therefore, of paramount importance that any custom checks defined in this section are set-up by qualified personnel aware of the ramifications of their actions.

vulnerabilityconditionssetuptab.png

To add a vulnerability check condition:

  1. From the Vulnerability Assessment Options > Vulnerabilities, right-click a vulnerability from the list and select Properties.
  2. From the Edit Vulnerability dialog, go to Conditions Add.
  3. Select the type of check to be configured and click Next.

    configuringvulnerabilities-addingchecks1.png
  4. Define the object to examine and click Next.

    configuringvulnerabilities-addingchecks2.png
  5. Specify required conditions and click Finish to finalize your settings.

    configuringvulnerabilities-addingchecks3.png
  6. If more than one condition is set up, define conditional operators, and click OK to finalize your configuration settings.

    configuringvulnerabilities-addingchecks4.png
  7. (Optional) Click Advanced in the Vulnerabilities tab to launch the advanced vulnerabilities scanning options.

    configuringvulnerabilities-addingchecks5.png

The options in Advanced Vulnerabilities Options are used to:

  • Configure extended vulnerability scanning features that check your target computers for weak passwords, anonymous FTP access, and unused user accounts.
  • Configure how LanGuard handles newly created vulnerability checks.
  • Configure LanGuard to send CGI (Common Gateway Interface) requests through a specific proxy server. This is mandatory when CGI requests will be sent from a computer behind a firewall to a target web server outside the firewall. For example, Web servers on a DMZ (Demilitarized Zone).

The firewall will generally block all the CGI requests directly sent by GFI LanGuard to a target computer in front of the firewall. To avoid this, set the Send CGI Requests Through Proxy option to Yes and specify the name/IP address of your proxy server and the communication port, which will be used to convey the CGI request to the target.

 

Related Articles

Related articles