1 Reply Latest reply on Jul 19, 2012 4:07 PM by jldunn

    Scan for configuration

    vulman762

      Can you build a customer vuln set to scan windows boxes for a specific configuration?  Such as check if service xzy is off, registry settings etc ?

        • 1. Re: Scan for configuration

          MVM isn't a configuration management/auditing tool, but if MVM has a test for the item you're looking for (i.e. if it is considered a vulnerability), then you can report on it.

           

          For listening services, you can use an asset filter in a report:

           

               Open ports equals [the number of the port you're interested in]

           

          For other items, you'll need to check to see if there is a test for the particular condition you're interested in (i.e. if it can be or is considered a vulnerability.)

           

          You can do searches through the vulnerability list, or, if you have access to a test system, set it up with the condition you're interested in, and do an authenticated scan.

          Look through all the detections for that system, paying particular attention to the 'informational' level of alerts.

           

          J. Dunn

           

          Message was edited by: jldunn -- added "authenticated" on 7/19/12 4:07:39 PM CDT