Skip navigation
McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams
362 Views 1 Reply Latest reply: May 13, 2013 4:56 PM by cgrim RSS
devilson911 Newcomer 78 posts since
May 28, 2007
Currently Being Moderated

May 13, 2013 12:18 PM

Vulnerability Manager Web Scan

Hi, we currently evaluating the VA web scan and we are having problem on how to perform the web scan.

gone through the product guide but no much information on how to configure the scan settings.

can someone share his experience how he configure the scan and what information is gathered to perform the scan.

Regards

  • Community Leader 479 posts since
    Nov 3, 2009
    Currently Being Moderated
    1. May 13, 2013 4:56 PM (in response to devilson911)
    Re: Vulnerability Manager Web Scan

    Hi D,

     

    The Product Guide doesn't have much to go on, but the in-product help (click on the "?" in the specific section in the product) does explain each of the fields.  The diversity of all the different options for every website make it very hard to have a very comprehensive guide.

     

    It really depends on what you're trying to scan.  Does your Website require you to log in?  What sort of credentials do you need?  FORM based, or NTLM etc. (configured in the Credentials /  Web Application URL section) 

     

    Increasing the WebModule logging by adding the following registry  tweak:

     

    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Foundstone\Foundscan\Tweaks

    WebScanLogLevel

    DWORD value "3"

     

    Restart ScanEngine Service.  Configure and scan...  after the scan you will have additional logs:

    fsa_<job string>.log

    They will show everything like the Request<>Response, and you can tell what our webmodule sends and what the website comes back with.  This helps in debugging and might give you some clues, if you're still stumped and need some help configuring the scan,  then it will be needed when you open a Service Request anyway.

     

    I hope that helps!
    Cathy

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • Correct Answers - 5 points
  • Helpful Answers - 3 points