2.5 Custom scan A custom scan is a network audit based on parameters, which you configure on the fly before launching the scanning process. Various parameters can be customized during this type of scan including: • Type of scanning profile to use (i.e. the type of checks to execute/type of data to retrieve). • Scan targets • Logon credentials In custom scans, scan profiles are organized under 3 profile groups: • Vulnerability assessment: This group contains profiles that scan target computers for network threats based on guidelines provided by OVAL/CVE and SANS TOP20 bulletins. • Network & Software audit: This group contains profiles that scan target computers for system information such as OS information, installed applications and USB devices connected. • Complete/Combination scans: This group contains Full Scan profiles that audit target computers for a wide-array of threats and system information. When to use Custom Scans? It is recommended to use custom scans: • When performing a onetime scan with particular scanning parameters/profiles. • When performing a scan for particular network threats and/or system information. • To perform a target computer scan using a specific scan profile. 2.5.1 How to launch a Custom Scan To perform a custom scan: 1. Launch the GFI LANguard management console from Start ► Programs ► GFI LANguard 9.0 ► GFI LANguard. 2. From the Network Audit ► Scan tab which opens by default, click on the Launch a Custom Scan option. Screenshot 3 – Scan profile groups 3. Select the scan profile group, applicable to the type of information to be retrieved from targets, and click Next. E.g. to audit targets for USB devices connected, select the Network & Software Audit option. Screenshot 4 - Custom Scan Wizard Scan type 4. Select the profile to use during this scan and click Next. Screenshot 5 - Target computer categories 5. Select one of the following options and click Next: • Scan a single computer – Select this option to scan local host or one specific computer • Scan a range of computers – Select this option to scan a number of computers defined through an IP range. For more information, refer to http://kbase.gfi.com/showarticle.asp?id=KBID002749. • Scan a list of computers – Select this option to import list of targets from file or to select targets from network list. • Scan computers in text file – Select this option to scan targets enumerated in a specific text file. • Scan a domain or workgroup – Select this option to scan all targets connected to a domain/workgroup. 6. Specify the respective target computer(s) details and click Next. Screenshot 6 - Specify the scan job credentials 7. Specify the authentication details to use during this scan. 8. Click Scan to start the audit process.
