If I use PC to scan an asset group that has Unix and Windows hosts, and my compliance policy is setup only for Windows hosts – what is the procedure we use to select only Windows hosts?
With PC, what would happen if we find a Unix box w/ Samba and it has port 139 that we can authenticate to? Will it try to check it for a Windows policy?
It is the same methodology as for Vulnerability Management (VM). Compliance Policies apply to detected operating systems and, since trusted scanning is mandatory for PC, we will always have an accurate OS through a trusted login.
In the case of Samba we would initially follow the procedure for Windows to detect the OS, which requires registry access. Since Samba does not provide registry access that particular execution path in ML would no continue, i.e. Windows policies would not apply. Shell-based policies for Unix are executed independently and would be attempted regardless of whether we detect port 139 open.
Qualys Support KnowledgeBase