GFI
English Deutsch Français Italiano Nederlands Español
Table of ContentsPreviousNextIndex

Performing a scan using alternative target logon credentials

When performing a security scan GFI LANguard N.S.S. must authenticate to the target computer(s). This is required so that the scanning engine is allowed permissions to run the configured vulnerability checks against the target and to retrieve the system information required.

GFI LANguard N.S.S. authenticates to targets by `physically' logging on to the computer(s) using the logon credentials of an account with administrative rights. This does not necessarily need to be a Domain Administrator or Enterprise Administrator account; however this user account must have administrative privileges on the target computer(s).

Different systems often require different authentication methods. For example Linux systems often request a private key file instead of the conventional password string. GFI LANguard N.S.S. supports both methods.

For more information about authentication methods refer to the `Computer Profiles' section in the `Configuring GFI LANguard N.S.S.' chapter in this manual.

To run a network security audit using specific logon credentials:

Screenshot 11 - GFI LANguard N.S.S. new scan toolbar: Authentication methods drop down list

1. From the credentials drop down list in the GFI LANguard N.S.S. scan toolbar, specify the authentication method to be used in this security audit by selecting one of the following options:

  • `Currently Logged-On User' - Select this option to authenticate to target computers using Windows NT account credentials (i.e. using the account under which GFI LANguard N.S.S. is running).
  • `Null Session' - Select this option to try and connect to target computers without authentication. In this way, you can identify what information can be accessed by non-authenticated (internal/external) users.
  • `Alternative credentials' - Select this option to authenticate to target computers using specific credentials. Specify these credentials in the `Username' and `Password' fields provided next to this drop down list.
  • `SSH Private Key' - Select this option to authenticate to Linux based target computers using a username and a private key file instead of a password string (i.e. through Public Key authentication).

NOTE: For more information about Public Key authentication, refer to the `About SSH Private Key file authentication' section in the `Configuring GFI LANguard N.S.S.' chapter in this manual.

2. Click on File } New.

3. Select the type of scan that you wish to perform (for example, Scan single computer).

4. Specify the requested target details (i.e. host name, IP, range of IPs or domain name).

5. From the `Scan Profile' drop down at the bottom of the dialog, select the scanning profile that will be used for this network security scan.

6. Click on the OK button to start your scan.

Table of ContentsPreviousNextIndex


   © 2008. All rights reserved. GFI Software Home Products Download Trials Support Ordering Site Map About Us Contact us
GFI solutions: anti spam - exchange anti virus - isa server - network vulnerability scanner - event log management - USB security software - exchange archiving - fax server software