Overview
This article provides relevant information regarding the available Scanning Profiles in GFI LanGuard, which is helpful for you to understand what each Scanning Profile detects on your scan targets.
Back to top
Information
When GFI LanGuard is acquired, it comes with the following default Scanning Profiles:
Complete/Combination Scans
| Scan Profile |
Description
|
| Full Vulnerability Assessment |
-
Use this Scanning Profile to enumerate particular network vulnerabilities, e.g., open TCP/UDP ports commonly exploited by Trojans, missing patches and service packs, etc. The list of vulnerabilities identified by this profile can be customized through the Vulnerabilities tab.
-
Installed USB devices and applications are not enumerated by this profile.
-
This profile will scan for all vulnerabilities, which includes vulnerabilities that have an associated Microsoft patch to them and which are considered missing patches.
|
| Full Scan (Active) |
-
Use this Scanning Profile to retrieve system information as well as scan your network for all supported vulnerabilities, including open TCP/UDP ports, missing patches, and service packs, USB devices connected and more.
-
The vulnerability check timeouts in this profile are specially preconfigured to suit the network traffic and transmission delays usually associated with LAN environments.
|
| Full Scan (Slow Networks) |
-
Use this Scanning Profile to retrieve system information as well as scan your network for all supported vulnerabilities including open TCP/UDP ports, missing patches, and service packs, USB devices connected and more.
-
The vulnerability check timeouts in this profile are specifically preconfigured to suit the network traffic and transmission delays usually associated with WAN environments.
|
Vulnerability Assessment
| Scan Profile |
Description
|
| Top SANS 20 Vulnerabilities |
Use this Scanning Profile to enumerate all vulnerabilities reported in the SANS Top 20 lists.
|
| High-Security Vulnerabilities |
-
Use this Scanning Profile to enumerate open TCP/UDP ports and high-security vulnerabilities.
-
The list of TCP/UDP ports and high-security vulnerabilities that will be enumerated by this profile can be customized through the TCP/UDP Ports tabs and the Vulnerabilities tab respectively.
|
| Last Year's Vulnerabilities |
Use this Scanning Profile to enumerate network vulnerabilities that emerged during the last 12 months.
|
| Only Web |
-
Use this Scanning Profile to identify web–server specific vulnerabilities. This includes scanning and enumerating open TCP ports that are most commonly used by web–servers such as port 80.
-
This profile scans only TCP ports commonly used by web-servers. Network auditing operations, as well as enumeration of vulnerabilities and missing patches, are not performed using this profile.
|
| Missing Patches |
|
| Critical Patches |
-
Use this Scanning Profile to enumerate only missing patches that are tagged as essential.
-
The list of critical patches that will be enumerated by this profile can be customized through the Patches tab.
|
| Last Month's Patches |
-
Use this Scanning Profile to enumerate only missing patches that were released last month.
-
The list of missing patches that will be enumerated by this profile can be customized through the Patches tab.
|
| Only Service Packs |
|
| Non-Microsoft Patches |
Use this Scanning Profile to enumerate missing third-party patches, e.g., Adobe products.
|
| Security Patches |
Use this Scanning Profile to enumerate missing Microsoft and non-Microsoft security patches on your scan targets.
|
Network & Software Audit
| Scan Profile |
Description
|
| Trojan Ports |
-
Use this Scanning Profile to enumerate open TCP/UDP ports that are commonly exploited by known Trojans.
-
The list of TCP/UDP ports to be scanned can be customized through the TCP Ports and UDP Ports tabs respectively.
-
This profile scans only the TCP/UDP ports commonly exploited by known Trojans. Network auditing operations, as well as enumeration of other open TCP/UDP ports and missing patches, are not performed by this profile.
|
| Port Scanner |
-
Use this Scanning Profile to enumerate open TCP/UDP ports, including those most commonly exploited by Trojans.
-
The list of ports that will be enumerated by this profile can be customized through the TCP/UDP ports tab.
|
| Software Audit |
|
|
Full TCP & UDP Scan
|
Use this Scanning Profile for auditing your network and enumerating all open TCP and UDP ports.
|
| Only SNMP |
-
Use this Scanning Profile to perform network discovery and retrieve information regarding hardware devices (routers, switches, printers, etc.) that have SNMP enabled.
-
This enables you to monitor network-attached devices for conditions that require administrative attention.
|
| Ping Them All |
Use this Scanning Profile for auditing your network and enumerating all computers that are currently connected and running.
|
| Share Finder |
- Use this Scanning Profile for auditing your network and enumerating all open shares either hidden or visible.
- This profile performs no vulnerability checks.
|
| Uptimes |
Use this Scanning Profile for auditing your network and identifying how long each computer has been running since the last reboot.
|
| Disks Space Usage |
Use this Scanning Profile for auditing your network and retrieving system information on available storage space.
|
| System Information |
Use this Scanning Profile to retrieve system information such as operating system details, wireless/virtual/physical network devices connected, USB devices connected, installed applications, and more.
|
| Hardware Audit |
Use this Scanning Profile for auditing your network and enumerating all hardware devices currently connected to your network computers.
|
| Network Discover |
Use this Scanning Profile to enumerate any IP enabled device connected to your network.
|
Back to top
Priyanka Bhotika
Comments