AnsweredAssumed Answered

How does Qualys performs domain based authenticaion?

Question asked by Vimal Alakhar V N on Nov 28, 2014
Latest reply on Nov 29, 2014 by Jean Voncken

We have a scenario where authentication fails on target machines that are part of specific domain. Authentication passes for target hosts that are part of different domain.

 

Can someone explain how Qualys performs authentication on domain environment at the back end.

Looked around for documentation and can find only the following document which doesn't explain much on the back end process.

https://www.qualys.com/docs/version/8.2/source/qualys-authenticated-scanning-windows.pdf


Looking for something similar to the following,

 

1. Qualys queries target host on port 139/445 for domain information

2. If no response then it tries with 137

3. Qualys does a DNS query to identify the AD server information

4. .....

 

Appreciate if anyone can shed some light on this process

Outcomes