How to successfully run an Authenticated Solaris scan in Qualys? *New to Qualys.
To run an authenticated scan for Solaris you will first need to set up a Unix authentication record. Then an options profile to use that record. You can full details on how to do this in the Qualys self-paced Vulnerability Management training or in the Qualys Video Library.
In addition to Ian's answer, there are also some resources for authenticated scanning, available on your platform under Help -> Resources. You can view them at Resources.
[update]: correction made.
Oh thank you, however under the resources all i see is Unix/ oracle and others it doesn't specifically tell me that there is documentation for Solaris; since Solaris authenticates differently would the only difference be is using a root delegation tool when adding it to the authentication tab?
Sorry, you're right about there not being specific Solaris doc on that page, so I updated my post. Unfortunately I'm at the limit of my knowledge on this topic. If anyone else can help, please do; meanwhile I'll ping some people internally.
Thank you so much. I thought I was blind there for a second.
To my knowledge (and I've thrown out my last Solaris boxes so cannot check again now) auth scanning for Solaris is just as stated in the PDF. You'll need sshd enabled on the target (please avoid using telnetd although it will work too). You need an non-priv user account on the target and a priv escalation method - sudo, pimsu and powerbroker are supported. When set up on the target, add all these to a new UNIX auth record and apply the target IPs of each Solaris box to that record. Out of interest, which version of Solaris are you scanning ?
oh wow thank you I will relay this to my Linux admin. It looks as if it version 9-11
Retrieving data ...