Filter
Top Products
FortiAnalyzer Version 3.0 MR7 Administration Guide
164 05-30007-0082-20080908
Configuring vulnerability scan jobs Tools
Configuring a custom scan allows you to provide the user name and password of
an administrator or root account for modules that require full access, and to
specify the severity threshold of vulnerabilities for which you want to scan, giving
you greater control over which modules will be used to probe the target host. By
providing login credentials and a low severity threshold, you can perform a full
scan, using all available modules. For more information about viewing the
modules associated with a given severity, see “Viewing vulnerability scan
modules” on page 161.
Even if a user name and password are not specified in the vulnerability scan job,
vulnerability scans always attempts to log in to Windows target hosts with the
following combinations:
• Administrator without a password
• Administrator with a password of “Administrator”
• Guest with a random password to test for the presence of Guest accounts
• No user name or password to test Null sessions
This allows you to scan for vulnerabilities associated with weak or default user
account security policies without providing an administrator login or performing
many of the other Windows-related vulnerability scan modules.
To view current or scheduled vulnerability scan jobs, go to Tools >
Vulnerability Scan > Job.
Figure 3: Vulnerability Scan jobs
Create New Select to add a vulnerability job to the queue.
Delete Select the check box of each vulnerability scan job that you want
to delete, then select Delete.
Job Name The name of the vulnerability scan job.
Target The IP address(es) of the host(s) that the FortiAnalyzer unit will
scan.
Status The activity status of the vulnerability scan job in the queue. This
can include the current activity, such as running or preparing to
start, or it can be the date and time that the vulnerability scan job
will run in the future. When completed, vulnerability scan job
results appear in the list of vulnerability scan reports. For more
information, see “Viewing vulnerability scan reports” on page 166.
Action Select the Delete icon to remove the vulnerability scan job from
the list.
Select Edit to modify the vulnerability scan job. You cannot modify
a vulnerability scan job if it is currently running.
Select Run now to initiate the vulnerability scan job.
Select Stop job to cancel a vulnerability scan job if it is currently
running.
Delete
Edit
Run nowStop job