
Configuring Vulnerabilities in GFI LanGuard

Overview

The Vulnerability Assessment Options tab enables you to configure which Microsoft or non-Microsoft and Security or non-Security updates are checked when scanning targets with the selected profile.

This article guides you on how to set up and configure Vulnerability Scanning.


Process


Enabling Vulnerability Scanning

  1. Launch GFI LanGuard.
  2. Go to Configuration > Scanning Profile Editor. Alternatively, press CTRL + P to launch the Scanning Profiles Editor.
  3. Go to Vulnerability Assessment Options > Vulnerabilities.
  4. Select the scanning profile to customize from the left pane under Profiles.
  5. In the right pane, select Enable Vulnerability Scanning.


NOTE: Vulnerability scanning is configured on a scan profile by scan profile basis. If in a particular profile this option is not selected, no vulnerability tests will be performed in the security audits carried out by this scanning profile.



Customizing the List of Vulnerabilities to Be Scanned

Specify which vulnerabilities will be enumerated and processed by a scanning profile during a security audit:

  1. Launch GFI LanGuard.
  2. Go to Configuration > Scanning Profile Editor. Alternatively, press CTRL + P to launch the Scanning Profiles Editor.
  3. Go to Vulnerability Assessment Options and select the scanning profile to customize from the left pane under Profiles.
  4. In the right pane, select the vulnerability checks to execute through this scanning profile.



Customizing Vulnerability Checks Properties

All the checks listed in the Vulnerabilities tab have specific properties that determine when the check is triggered and what details will be enumerated during a scan.

  1. Right-click on the vulnerability to customize, select Properties.
  2. Customize the selected vulnerability check from the tabs described below:


    Tab: Description

    • General: Use this tab to customize the general details of a vulnerability check including vulnerability check name, vulnerability type, OS family, OS version, product, timestamp, and severity.
    • Conditions: Use this tab to configure the operational parameters of this vulnerability check. These parameters will define whether a vulnerability check is successful or not.
    • Description: Use this tab to customize the vulnerability check description.
    • References: Use this tab to customize references and links that lead to relevant information in the OVAL, CVE, MS Security, Security Focus and SANS TOP 20 reports.

  3. Click OK to save your settings.


Setting up Vulnerability Check Conditions

The Conditions tab enables you to add or customize conditions, which define whether the computer or network being scanned is vulnerable or not.

WARNING: It is therefore of paramount importance that any custom checks defined in this section are set up by qualified personnel who are aware of the ramifications of their actions.

To add a vulnerability check condition:

  1. Launch GFI LanGuard.
  2. Go to Vulnerability Assessment Options > Vulnerabilities.
  3. Right-click a vulnerability from the list of vulnerabilities and select Properties.
  4. From the Edit Vulnerability dialog, go to Conditions > Add.
  5. Select the type of check to be configured and click Next.

  6. Define the object to examine and click Next.

  7. Specify required conditions and click Finish to finalize your settings.

  8. If more than one condition is set up, define conditional operators and click OK to finalize your configuration settings.

  9. (Optional) Click Advanced in the Vulnerabilities tab to launch the advanced vulnerabilities scanning options.


The options in Advanced Vulnerabilities Options are used to:

  • Configure extended vulnerability scanning features that check your target computers for weak passwords, anonymous FTP access, and unused user accounts.
  • Configure how GFI LanGuard handles newly created vulnerability checks.
  • Configure GFI LanGuard to send CGI (Common Gateway Interface) requests through a specific proxy server. This is mandatory when CGI requests will be sent from a computer that is behind a firewall to a target web server that is outside the firewall, for example, web servers on a DMZ (Demilitarized Zone).

The firewall will generally block all the CGI requests that are directly sent by GFI LanGuard to a target computer that is in front of the firewall. To avoid this, set the Send CGI Requests Through Proxy option to Yes and specify the name/IP address of your proxy server and the communication port which will be used to convey the CGI request to the target.

  1. Priyanka Bhotika
