Showing results for 
Search instead for 
Did you mean: 
Level 7

Scan for configuration

Can you build a customer vuln set to scan windows boxes for a specific configuration?  Such as check if service xzy is off, registry settings etc ?

0 Kudos
1 Reply
Level 10

Re: Scan for configuration

MVM isn't a configuration management/auditing tool, but if MVM has a test for the item you're looking for (i.e. if it is considered a vulnerability), then you can report on it.

For listening services, you can use an asset filter in a report:

     Open ports equals [the number of the port you're interested in]

For other items, you'll need to check to see if there is a test for the particular condition you're interested in (i.e. if it can be or is considered a vulnerability.)

You can do searches through the vulnerability list, or, if you have access to a test system, set it up with the condition you're interested in, and do an authenticated scan.

Look through all the detections for that system, paying particular attention to the 'informational' level of alerts.

J. Dunn

Message was edited by: jldunn -- added "authenticated" on 7/19/12 4:07:39 PM CDT
0 Kudos