 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.0.100509 |
| Kategorie: | Settings |
| Titel: | Options for Local Security Checks |
| Zusammenfassung: | This script allows users to set some Options for Local Security; Checks which are stored in the knowledge base and used by other tests. Description of the options:;; - Also use 'find' command to search for Applications:;; Setting this option to 'no' disables the use of the 'find' command via SSH against Unixoide; targets. This reduces scan time but might reduce detection coverage of e.g. local installed; applications.;; - Descend directories on other filesystem (don't add -xdev to find):;; During the scan 'find' is used to detect e.g. local installed applications via SSH on Unixoide; targets. This command is descending on special (network-)filesystems like NFS, SMB or similar; mounted on the target host by default. Setting this option to 'no' might reduce the scan time if; network based filesystems are not searched for installed applications.;; - Enable Detection of Portable Apps on Windows:;; Setting this option to 'yes' enables the Detection of Portable Apps on Windows via WMI. Enabling; this option might increase scan time as well as the load on the target host.;; - Disable the usage of win_cmd_exec for remote commands on Windows:;; Some AV solutions might block remote commands called on the remote host via a scanner internal; 'win_cmd_exe' function. Setting this option to 'yes' disables the usage of this function (as a; workaround for issues during the scan) with the risk of lower scan coverage against Windows; targets.;; - Disable file search via WMI on Windows:;; Various VTs are using WMI to search for files on Windows targets. Depending on the attached; storage and its size this routine might put high load on the target and could slow down the scan.; Setting this option to 'yes' disables the usage of this search with the risk of lower scan; coverage against Windows targets.;; - Report vulnerabilities of inactive Linux Kernel(s) separately:;; All current package manager based Local Security Checks are reporting the same severity for active; and inactive Linux Kernel(s). If this setting is enabled the reporting for inactive Linux; Kernel(s) is done separately in the VT 'Report Vulnerabilities in inactive Linux Kernel(s)'; (OID: 1.3.6.1.4.1.25623.1.0.108545).;; Please note that this functionality is currently only available for Debian (and Derivates using; apt-get) and RPM based Distributions and needs to be considered as 'experimental'.;; - Integer that sets the directory depth when using 'find' on unixoide systems:;; A non-negative integer added as '-maxdepth' parameter to all 'find' calls used during a scan of; unixoide systems.;; - Use 'su - USER' option on SSH commands and Use this user for 'su - USER' option on SSH commands:;; Deprecated preferences / options which will be removed in the future. Please migrate to the new; 'Elevate Privileges' feature introduced in GOS/GVM 21.04.5. See the references for more; information.;; - Folder exclusion regex for file search on Unixoide targets:;; During the scan 'find' and/or 'locate' is used to detect e.g. local installed applications via SSH; on Unixoide targets. This option allows to pass a regex to define which folders should be excluded; / not searched when searching for files on such a target. Please pass 'None' to the option if you; don't want to exclude any folders. |
| Beschreibung: | Summary: This script allows users to set some Options for Local Security Checks which are stored in the knowledge base and used by other tests. Description of the options: - Also use 'find' command to search for Applications: Setting this option to 'no' disables the use of the 'find' command via SSH against Unixoide targets. This reduces scan time but might reduce detection coverage of e.g. local installed applications. - Descend directories on other filesystem (don't add -xdev to find): During the scan 'find' is used to detect e.g. local installed applications via SSH on Unixoide targets. This command is descending on special (network-)filesystems like NFS, SMB or similar mounted on the target host by default. Setting this option to 'no' might reduce the scan time if network based filesystems are not searched for installed applications. - Enable Detection of Portable Apps on Windows: Setting this option to 'yes' enables the Detection of Portable Apps on Windows via WMI. Enabling this option might increase scan time as well as the load on the target host. - Disable the usage of win_cmd_exec for remote commands on Windows: Some AV solutions might block remote commands called on the remote host via a scanner internal 'win_cmd_exe' function. Setting this option to 'yes' disables the usage of this function (as a workaround for issues during the scan) with the risk of lower scan coverage against Windows targets. - Disable file search via WMI on Windows: Various VTs are using WMI to search for files on Windows targets. Depending on the attached storage and its size this routine might put high load on the target and could slow down the scan. Setting this option to 'yes' disables the usage of this search with the risk of lower scan coverage against Windows targets. - Report vulnerabilities of inactive Linux Kernel(s) separately: All current package manager based Local Security Checks are reporting the same severity for active and inactive Linux Kernel(s). If this setting is enabled the reporting for inactive Linux Kernel(s) is done separately in the VT 'Report Vulnerabilities in inactive Linux Kernel(s)' (OID: 1.3.6.1.4.1.25623.1.0.108545). Please note that this functionality is currently only available for Debian (and Derivates using apt-get) and RPM based Distributions and needs to be considered as 'experimental'. - Integer that sets the directory depth when using 'find' on unixoide systems: A non-negative integer added as '-maxdepth' parameter to all 'find' calls used during a scan of unixoide systems. - Use 'su - USER' option on SSH commands and Use this user for 'su - USER' option on SSH commands: Deprecated preferences / options which will be removed in the future. Please migrate to the new 'Elevate Privileges' feature introduced in GOS/GVM 21.04.5. See the references for more information. - Folder exclusion regex for file search on Unixoide targets: During the scan 'find' and/or 'locate' is used to detect e.g. local installed applications via SSH on Unixoide targets. This option allows to pass a regex to define which folders should be excluded / not searched when searching for files on such a target. Please pass 'None' to the option if you don't want to exclude any folders. CVSS Score: 0.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:N |
| Copyright | Copyright (C) 2010 Greenbone Networks GmbH |
| Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |