Product manual
GFI LanGuard 5 Scanning Your Network | 65
5.2.1 Complete/Combination Scans
Complete/Combination Scans profiles
Full Vul-
nerability
Assessment
Use this scanning profile to enumerate particular network vulnerabilities such as open TCP/UDP ports
commonly exploited by Trojans as well as missing patches and service packs. The list of vulnerabilities
enumerated by this profile can be customized through the Vulnerabilities tab. Installed USB devices
and applications are not enumerated by this profile. This profile will scan for all vulnerabilities. This
includes vulnerabilities which have an associated Microsoft
®
patch to them and which are considered
missing patches.
Full Scan
(Active)
Use this scanning profile to retrieve system information as well as scan your network for all supported
vulnerabilities including open TCP/UDP ports, missing patches and service packs, USB devices con-
nected and more. The vulnerability check timeouts in this profile are specifically preconfigured to suite
the network traffic and transmission delays usually associated with LAN environments.
Full Scan
(Slow Net-
works)
Use this scanning profile to retrieve system information as well as scan your network for all supported
vulnerabilities including open TCP/UDP ports, missing patches and service packs, USB devices con-
nected and more… The vulnerability check timeouts in this profile are specifically preconfigured to
suite the network traffic and transmission delays usually associated with WAN environments.
Table 23: Complete/Combination scanning profiles
5.2.2 Vulnerability Assessment
Vulnerability Assessment profiles
Top SANS 20
Vulnerabilities
Use this scanning profile to enumerate all vulnerabilities reported in the SANS top 20 list.
High Security
Vulnerabilities
Use this scanning profile to enumerate open TCP/UDP ports and high security vulnerabilities. The list
of TCP/UDP ports and high security vulnerabilities that will be enumerated by this profile can be cus-
tomized through the TCP/UDP Ports tabs and the Vulnerabilities tab respectively.
Last Year's Vul-
nerabilities
Use this scanning profile to enumerate network vulnerabilities that emerged during the last 12
months.
Only Web Use this scanning profile to identify web–server specific vulnerabilities. This includes scanning and
enumerating open TCP ports that are most commonly used by web–servers such as port 80. Only TCP
ports commonly used by web–servers are scanned by this profile. Network auditing operations as well
as enumeration of vulnerabilities and missing patches are not performed using this profile.
Missing
Patches
Use this scanning profile to enumerate missing patches. The list of missing patches that will be enu-
merated by this profile can be customized through the Patches tab.
Critical
Patches
Use this scanning profile to enumerate only missing patches that are tagged as critical. The list of crit-
ical patches that will be enumerated by this profile can be customized through the Patches tab.
Last Month's
Patches
Use this scanning profile to enumerate only missing patches that were released last month. The list of
missing patches that will be enumerated by this profile can be customized through the Patches tab.
Only Service
Packs
Use this scanning profile to enumerate missing service packs. The list of service packs that will be enu-
merated by this profile can be customized through the Patches tab.
Non-
Microsoft
®
Patches
Use this scanning profile to enumerate missing Third-Party patches, such as Adobe products.
Security
Patches
Use this scanning profile to enumerate missing Microsoft
®
and non-Microsoft
®
Security Patches on your
scan targets.
Table 24: Vulnerability assessment scanning profiles