To obtain a deeper analysis into a device's potential vulnerabilities, it is necessary to perform local checks and queries on the device itself. This is accomplished through Credentialed Scanning, which is configured in the Nodeware Portal dashboard on a per-Sensor basis for each customer. To configure/enable Credentialed Scanning, the Admin Role for Nodeware is required.
By default, the Nodeware sensor performs unauthenticated scans. Credentials can leverage WinRM (Windows) or SSH (Mac and Linux). Before enabling Credentialed Scanning, ensure that WinRM and SSH are enabled in the environment. See the links below for guidance on enabling WinRM and SSH.
macOS
Enable SSH access on each individual asset.
https://knowledge.autodesk.com/support/smoke/troubleshooting/caas/sfdcarticles/sfdcarticles/Enabling-remote-SSH-login-on-Mac-OS-X.html
Linux
Enable SSH access on each individual asset.
https://www.cyberciti.biz/faq/ubuntu-linux-install-openssh-server/
Note: Nodeware doesn’t support credentialed scanning from our external scanners.
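One way to confirm the prerequisite above before adding a credential, as an added example that is not Nodeware code: it probes each asset from the internal network and reports which credential type applies and whether the Use TLS option in the steps below can be selected. It assumes the default ports (22 for SSH, 5985/5986 for WS-Management HTTP/HTTPS); the function names and the sample inventory are constructed for illustration.

```python
# Added example: pre-flight check for credentialed scanning (not Nodeware code).
import socket

SSH_PORT = 22            # default sshd port (assumption: not relocated)
WINRM_HTTP_PORT = 5985   # default WS-Management HTTP listener
WINRM_HTTPS_PORT = 5986  # default WS-Management HTTPS listener


def port_open(host, port, timeout=2.0):
    """Return True if a TCP connection to host:port succeeds."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False


def ssh_banner(host, port=SSH_PORT, timeout=2.0):
    """Return the SSH identification string, or None if the service is not SSH."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.settimeout(timeout)
            line = s.recv(255).split(b"\n", 1)[0].strip()
    except OSError:
        return None
    return line.decode("ascii", "replace") if line.startswith(b"SSH-") else None


def credential_settings(os_family, ssh_ok=False, http_ok=False, https_ok=False):
    """Map probe results to the choices on the Add Credential form."""
    if os_family in ("macos", "linux"):
        return {"type": "SSH", "ready": ssh_ok, "use_tls": None}  # TLS option is WinRM-only
    if os_family == "windows":
        return {"type": "WinRM", "ready": http_ok or https_ok, "use_tls": https_ok}
    raise ValueError(f"unknown OS family: {os_family}")


def check_asset(host, os_family):
    """Probe one asset and return the settings it supports."""
    if os_family == "windows":
        return credential_settings(os_family,
                                   http_ok=port_open(host, WINRM_HTTP_PORT),
                                   https_ok=port_open(host, WINRM_HTTPS_PORT))
    return credential_settings(os_family, ssh_ok=ssh_banner(host) is not None)


if __name__ == "__main__":
    # Constructed inventory (documentation addresses); replace with real assets.
    for host, fam in [("192.0.2.10", "windows"), ("192.0.2.20", "linux")]:
        print(host, check_asset(host, fam))
```

A Windows asset that reports "ready" with "use_tls" false has only the HTTP listener, so the WS-Management HTTPS listener and its certificate must be configured before Use TLS is selected.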
To enable Credentialed Scanning, do the following:
1. Log into the Nodeware Dashboard at https://app.nodeware.com.
2. Click Customers.
3. Click the Settings icon on the customer where credentialed scanning will be enabled.
4. Click Credentialed Scanning.
5. Click Add Credential.
The screen below appears.
6. Enter a name for the account.
7. Select either Windows Remote Management (WinRM) or Secure Shell (SSH).
8. Enter Domain (optional).
9. Enter a Username and Password. It is recommended that complex passwords are used.
10. The Administrator Account is selected by default. For agents, administrative credentials are needed. For sensors, it is highly recommended that a service account is created with administrative privileges. User accounts should not be used.
11. Select Use TLS (Requires WS-Management HTTPS) when it is enabled in the environment. It keeps the connection encrypted end to end, but it requires a certificate and correct configuration. It is highly recommended, but it is not enabled by default.
12. Click Add Credential.
The credential is now active and can be used in new scans.