Product manual

ManualsBrandsGFI ManualsSoftwareLanGuard, Add, 25-49IP, 1Y, ENG

101

102

103

104

105

106

107

108

109

110

GFI LanGuard 7 Interpreting Results | 108

7.1.3 Vulnerability Assessment

Screenshot 65: The Vulnerability Assessment node

Click on any Vulnerability Assessment node to view the security vulnerabilities identified on the

target computer grouped by type and severity.

High Security Vulnerabilities

Click on the High Security Vulnerabilities or Low Security Vulnerabilities sub–nodes for a list of

weaknesses discovered while auditing a target device. Groups are described in the following table:

Group Description

Mail, FTP, RPC,

DNS and Mis-

cellaneous

Shows vulnerabilities discovered on FTP servers, DNS servers, and SMTP/POP3/IMAP mail servers.

Links to Microsoft

Knowledge Base articles or other support documentation are provided.

Web Lists discovered vulnerabilities on web servers (such as wrong configuration issues). Supported

web servers include Apache, Internet Information Services (IIS

) and Netscape.

Services Lists vulnerabilities discovered in active services as well as the list of unused accounts that are

still active and accessible on scanned targets.

Registry Registry settings of a scanned network device are listed. Links to support documentation and short

vulnerability descriptions are provided.

Software Enumerates software installed on the scanned network device(s). Links to supporting doc-

umentation and short vulnerability descriptions are provided.

Rootkit Enumerates discovered vulnerabilities because of having a rootkit installed on the scanned net-

work device(s). Links to supporting documentation and short vulnerability descriptions are pro-

vided.

Table 43: Vulnerability groups

Potential vulnerabilities

Select Potential vulnerabilities sub–node to view scan result items classified as possible network

weaknesses. Although not classified as vulnerabilities, these scan result entries still require particular

attention since malicious users can exploit them during malicious activity.

For example, during vulnerability scanning GFI LanGuard enumerates all modems installed and

configured on target computers. If unused, modems are of no threat to your network. If connected to

a telephone line these modems can however be used to gain unauthorized and unmonitored access to

the Internet. Users can potentially bypass corporate perimeter security including firewalls, anti–virus,

website rating and web content blocking. This exposes the corporate IT infrastructure to a wide

range of threats including hacker attacks. GFI LanGuard considers installed modems as possible

threats and enumerates them in the Potential Vulnerabilities sub–node.