Light scan for operating system detection only

Document created by kb-author-1 Employee on May 19, 2010Last modified by eschamp on Nov 18, 2013
Version 4Show Document
  • View in full screen mode

Product: QualysGuard

Category: Scans

 

Issue: Running a light scan to detect only the operating system of hosts. The light scan uses a limited number of common ports to scan and only probes a small set of QIDs, sufficient to be able to detect the OS of the target server.

 

Solution:

 

1. Navigate to VM > Scans > Search Lists and select New > Static List.

 

2. Enter the title "Light Scan" and add these QIDs:

- 82023 Open TCP Services List (lists open TCP ports)

- 82004 Open UDP Services List (lists open UDP ports)

- 45017 Operating System Detected (list discovered OS)

- 82044 Host Name Found (lists NetBIOS name)

- 6 Reachable Host List (lists DNS information)

 

3. Save your search list.

 

4. Navigate to VM > Scans > Option Profiles and select New > Option Profile.

 

5. Enter a title for the new profile.

 

6. Go to the Scan section.

 

7. Under Scanned TCP Ports, select None, check Additional, and enter the following ports in the field provided: 21,22,23,25,53,111,135-139,445.

 

8. Under Scanner UDP Ports, select None, check Additional, and enter the following ports in the field provided: 53,161,500.

 

9. Under Vulnerability Detection, select Custom, then Add Lists. Select the search list you just created called "Light Scan" and click OK.

 

10. Click Save to save the new profile.

 

11. Start a scan by going to VM > Scans > New Scan (or Schedule Scan). Be sure to select the option profile you just configured.

Attachments

    Outcomes