4. Getting started: Performing an audit : Performing a security scan using default settings
Performing a security scan using default settings
For a default scan you must only specify which target computer(s) you wish to audit and GFI LANguard N.S.S. will automatically:
Authenticate to the targets using the currently logged on user account credentials (i.e. the credentials under which GFI LANguard N.S.S. is currently running).
Use a thorough list of default vulnerability checks that are preconfigured in the ‘Full’ scanning profile. This is one of the default scanning profiles that ships with GFI LANguard N.S.S.
To perform a default scan:
1. Click on New Scan… button
Screenshot 15 - Selecting the type of security scan
2. Select one of the following scanning operations and click Next:
‘Vulnerability Scanning’ – Use this scanning operation to enumerate all the vulnerabilities present on target computers including missing patches.
‘Patching status’ – Use this scanning operation to enumerate only missing patches on target computers.
‘Network and Software Auditing’ – Use this scanning operation to enumerate system information without including vulnerabilities and missing patches.
‘Complete/Combination scan’ – Use this scanning operation to retrieve system information and enumerate all vulnerabilities including missing patches.
Screenshot 16 - Choose the scanning profile
3. Select the required scanning profile and click Next.
NOTE: For a detailed description of what each individual scanning profile does please refer to the ‘Scanning profile description’ section in the Scanning Profiles chapter in this document.
Screenshot 17 - Selecting scan range
4. Select one of the following scan target types and click Next:
‘Scan single computer…’ – Select this option to scan a single computer.
‘Scan range of Computers…’ – Select this option to scan a specific range of computers.
‘Scan list of Computers…’ – Select this option to scan a custom list of computers.
‘Scan a Domain…’ – Select this option to scan an entire Windows domain.
Screenshot 18 - New Scan range options dialogs.
5. Specify scan target details (i.e. host name, IP, range of IPs or domain name) and click Next.
NOTE: When configuring IP ranges, GFI LANguard N.S.S. 8.0 also allows you to specify which IPs must be excluded from this range. For more information on this feature please refer to Configuring scan ranges section in this document.
Screenshot 19 - Specify the scan credentials
6. Specify the authentication details to be used during this scan. Click on the Scan button to initiate the scanning process.