Filter
Top Products
Tools Viewing vulnerability scan modules
FortiAnalyzer Version 3.0 MR7 Administration Guide
05-30007-0082-20080908 161
9 Select OK.
10 Select OK.
11 Select Close.
12 After the vulnerability scan job completes, revert the NetBIOS settings configured
in this procedure.
Preparing Unix target hosts
Vulnerability scan modules targeting Unix variant hosts, including Linux and Apple
Mac OS X, require the ability to log in to the target host using the secure shell
(SSH) protocol. If SSH is not already installed and/or enabled on target hosts
running Unix variants, you must install and/or enable it for the duration of the
vulnerability scan.
Some vulnerability scan modules, such as those that test file permissions or
check installed patch and software versions, require full access to the target host.
You must configure the vulnerability scan job with the user name and password of
the root account on the target host to perform a full scan using all modules.
Alternatively, you can provide the user name and password of an account
assigned to the root user group — that is, a user account whose group ID (gid) is
zero (0).
The root account on some Unix variants, including Apple Mac OS X, is disabled
by default. In this case, you must first enable the root account, or create a new
user account and assign it to the same user group as the root account. Steps to
enable the root account vary by Unix variant.
If you do not enable and provide the root account, or an account with equivalent
permissions, the vulnerability scan report may contain false negatives, false
positives, or other inaccuracies. For example, non-root accounts are restricted to
fewer commands, may be jailed, and cannot fully check the system configuration.
Without root access, the vulnerability scan will be able to check only a part of the
known security concerns for the host. For example, a non-root account could view
the /etc/passwd file which contains user names, and specifies functions
available to the user, but not the /root/.bashrc file which specifies
system-wide functions.
Viewing vulnerability scan modules
The Modules page displays available remote vulnerability scan (RVS) modules.
Each module tests for the presence of a specific security vulnerability on the
operating system, services/daemons, applications, or other software installed on
the target host, as described in the module’s details.
!
Caution: Configuration changes necessary for a full vulnerability scan can temporarily
introduce additional risks. If possible, use a firewall or other method of mitigation, such as
FortiClient, to limit which hosts can access the target host during the vulnerability scan,
allowing only connections from the FortiAnalyzer, and undo any vulnerability scan
configuration changes after the scan.