Table of Contents Introduction Introduction to GFI LANguard GFI LANguard components GFI LANguard management console GFI LANguard attendant service GFI LANguard patch agent service GFI LANguard script debugger Vulnerability management strategy Step 1: Performing an audit Introduction Performing a security scan Performing a custom scan Setting up a scheduled scan Creating a scheduled scan Scheduled scan: Configuring scan targets Configuring scan results Step 2: Analyzing the security scan results Introduction Scan summary Vulnerability level rating Detailed scan results Detailed scan results: Vulnerability Assessment Security vulnerabilities Potential vulnerabilities Missing Service Packs/Patches Bulletin information Detailed scan results: Network & Software Audit System patching status Ports Service fingerprinting Hardware Software System Information Security audit policy Groups/users Sessions Services Processes Remote time of day Displaying and sorting scan categories Saving and loading scan results Saving scan results to an external (XML) file Loading saved scans from database backend Filtering scan results About default scan results filters Running a filter on a scan Creating a custom scan filter Results comparison Configuring what scan results changes will be reported Generating a Results Comparison Report The Results Comparison Report Reporting Step 3: Fixing identified vulnerabilities Introduction Deploying missing updates Patch management Deploying missing updates Download patches and service pack files Identifying the download queue status Stopping active downloads (Optional) Configure alternative patch-file deployment parameters Deploy downloaded patches on selected targets Monitor the patch deployment process Uninstall patches already deployed on targets Monitoring the patch uninstall process Deploying custom software Enumerating the software to be deployed Selecting target computers for file deployment Deployment options Start the deployment process Uninstall applications Remote remediation Automatic Remediation Automatically deploy missing Microsoft updates Automatically uninstall unauthorized applications GFI LANguard dashboard Introduction Viewing the global security threat level Monitoring scheduled activity Security Scans Patch Downloads Remediation Operations Updates History Configuring GFI LANguard Introduction Scheduled Scans Setting a new scan schedule Reviewing, editing or deleting scan schedules Scheduled scan properties Computer profiles About SSH private key authentication Creating a new computer profile Configuring computer profile parameters Enabling/Disabling Profiles Applications inventory Adding a new application Application auto-uninstall Application auto-uninstall validation Managing scheduled scans Configuring Microsoft updates Auto-deployment settings Advanced Options Manage applicable scheduled scans Auto-download settings Configuring alerting options Database maintenance options Selecting a database backend Storing scan results in an MS Access database backend Storing scan results in an MS SQL Server database Database maintenance: Managing saved scan results Database maintenance: List of scanned computers Database maintenance: Advanced options Program updates Starting program updates manually Check for software updates at program startup Configure which updates to check on program startup Updates history Scanning Profiles Introduction Scanning profile description Complete/Combination scans Vulnerability Assessment Network & Software Audit Which scanning profile shall I use? Creating a new scanning profile Configuring vulnerabilities Enabling/disabling vulnerability scanning Customizing the list of vulnerabilities to be scanned Customizing the properties of vulnerability checks Vulnerability check conditions setup Vulnerability checks - advanced options Configuring patches Enabling/disabling missing patch detection checks Customizing the list of software patches to be scanned Searching for bulletin information Configuring TCP port scanning options Enabling/disabling TCP Port scanning Configuring the list of TCP ports to be scanned Customizing the list TCP ports Configuring UDP port scanning options Enabling/disabling UDP Port scanning Configuring the list of UDP ports to be scanned Customizing the list UDP ports Configuring OS data retrieval options Configuring the attached devices scanning options Enabling/disabling checks for all installed network devices Scanning for network devices Compiling a network device blacklist/whitelist Configuring advanced network device scanning options Scanning for USB devices Compiling a USB devices blacklist/whitelist Configuring applications scanning options Scanning installed applications Enabling/disabling checks for installed applications Compiling an installed applications blacklist/whitelist Scanning security applications Enabling/disabling checks for security applications Customizing the list of security application for scanning Configuring security applications - advanced options Configuring the security scanning options Utilities Introduction DNS lookup Traceroute Whois Enumerate computers Starting a security scan Deploying custom patches Enabling auditing policies Enumerate users SNMP Auditing SNMP Walk SQL Server Audit GFI LANguard updates Introduction Checking the version of current installed updates Using GFI LANguard from the command line Introduction Using ‘lnsscmd.exe’ - the command line scanning tool Using ‘deploycmd.exe’ - the command line patch deployment tool Switches: Using ‘impex.exe’ - the command line import and export tool Switches: Adding vulnerability checks via custom conditions or scripts Introduction GFI LANguard VBscript language Adding a vulnerability check that uses a custom VB (.vbs) script Step 1 : Create the script Step 2: Add the new vulnerability check Testing the vulnerability check/script used in example GFI LANguard SSH Module Keywords Adding a vulnerability check that uses a custom shell script Step 1 : Create the script Step 2: Add the new vulnerability check Testing the vulnerability check/script used in our example Python scripting Miscellaneous Introduction Enabling NetBIOS on a network computer Installing the Client for Microsoft Networks component on Windows 2000 or higher Configuring Password Policy Settings in an Active Directory-Based Domain Viewing the Password Policy Settings of an Active Directory-Based Domain GFI LANguard compatibility Introduction About OVAL GFI LANguard N.S.S. OVAL Support About OVAL Compatibility Submitting OVAL listing error reports About CVE About CVE Compatibility About CVE and CAN Searching for CVE entries in GFI LANguard N.S.S. Obtaining CVE names Importing and exporting CVE Data Troubleshooting Introduction Troubleshooting wizard Knowledge Base Web Forum Request technical support Build notifications
