Overview

GFI LanGuard will use port 22 as the default port for all SSH-based checks (i.e., Linux vulnerability scans). If the SSH port is changed from this default, any SSH-based checks will fail. This affects GFI LanGuard in all supported environments and target operating systems which use SSH on a non-standard port (i.e., not port 22).

GFI LanGuard will automatically update the port used for SSH if a port scan of a target machine detects the SSH port as different to port 22. LanGuard will use this updated port in any further SSH-based checks during that scan.

Process

Create a new scanning profile that adds a port scan into the vulnerabilities scan.

1. Navigate to GFI LanGuard > File menu > Configuration > Scanning Profiles Editor.
2. Click on Create new scanning profile.
3. Select the new Scanning Profile and add in the required vulnerability scanning options.
4. Select the new Scanning Profile> Network & Software Audit Options > TCP Ports > 'Enable TCP Port Scanning' > select port 22 > add port check > specify new port number > port descriptions = Secure Shell (SSH).
5. Save the new scanning profile settings

When you perform a scan of a target machine using this new scanning profile, LanGuard will perform a port scan, identify that SSH is running on <new port number> and amend further SSH-based vulnerability checks on that machine to use <new port number> for SSH.