Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

Options for Local Security Checks

Information

Severity

Severity

Informational

Family

Family

Settings

CVSSv2 Base

CVSSv2 Base

0.0

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:L/Au:N/C:N/I:N/A:N

Created

Created

14 years ago

Modified

Modified

5 years ago

Summary

This script allows users to set some Options for Local Security Checks which are stored in the knowledge base and used by other tests. Description of the options: - Also use 'find' command to search for Applications: Setting this option to 'no' disables the use of the 'find' command via SSH against Unixoide targets. This reduces scan time but might reduce detection coverage of e.g. local installed applications. - Descend directories on other filesystem (don't add -xdev to find): During the scan 'find' is used to detect e.g. local installed applications via SSH on Unixoide targets. This command is descending on special (network-)filesystems like NFS, SMB or similar mounted on the target host by default. Setting this option to 'no' might reduce the scan time if network based filesystems are not searched for installed applications. - Enable Detection of Portable Apps on Windows: Setting this option to 'yes' enables the Detection of Portable Apps on Windows via WMI. Enabling this option might increase scan time as well as the load on the target host. - Disable the usage of win_cmd_exec for remote commands on Windows: Some AV solutions might block remote commands called on the remote host via a scanner internal 'win_cmd_exe' function. Setting this option to 'yes' disables the usage of this function (as a workaround for issues during the scan) with the risk of lower scan coverage against Windows targets. - Disable file search via WMI on Windows: Various VTs are using WMI to search for files on Windows targets. Depending on the attached storage and its size this routine might put high load on the target and could slow down the scan. Setting this option to 'yes' disables the usage of this search with the risk of lower scan coverage against Windows targets. - Report vulnerabilities of inactive Linux Kernel(s) separately: All current package manager based Local Security Checks are reporting the same severity for active and inactive Linux Kernel(s). If this setting is enabled the reporting for inactive Linux Kernel(s) is done separately in the VT 'Report Vulnerabilities in inactive Linux Kernel(s)' (OID: 1.3.6.1.4.1.25623.1.0.108545). Please note that this functionality is currently only available for Debian (and Derivates using apt-get) and RPM based Distributions and needs to be considered as 'experimental'.