Perform Vulnerability Scanning using GFI LanGuard
GFI LanGuard scans, detects, assesses, and rectifies security vulnerabilities in your network and connected devices. It scans the network and ports to detect, assess, and correct security vulnerabilities, with minimal administrative effort. It scans your OSes, virtual environments, and installed applications through vulnerability check databases. It enables you to analyze the state of your network security, identify risks, and address how to take action before it is compromised.
Here, we will use GFI LanGuard to perform vulnerability scanning on the target system.
Launch any browser, in this lab we are using Mozilla Firefox. In the address bar of the browser place your mouse cursor and click https://www.gfi.com/products-and-solutions/network-security-solutions/gfi-languard/download/ and press Enter
The GFI LanGuard registration page appears. Enter your details and business email under the Business Email field and click Continue.
On the next page, enter the required details and select the I agree to GFI Software terms of service and privacy policy and consent to GFI Software to process data checkbox and click Start my free trial
The Download your GFI LanGuard trial page appears; click the Download your free trial button.
The Opening languard.exe pop-up appears; click Save File.
Now, navigate to the download location (here, Downloads) and double-click languard.exe to install.
- If the User File — Security Warning pop-up appears, click Run.
The GFI LanGuard dialog box appears; select preferred language (here, English) and click OK.
The GFI LanGuard wizard appears with selected components for installation; click Next to proceed.
The Database Configuration window appears. In the SQL server name field, type .\SQLEXPRESS and leave SQL database name as default. Ensure that the Use Windows Authentication checkbox is selected and click OK.
- The SQL server name might differ in your lab environment.
Now, switch back to the Mozilla Firefox browser, open a new tab, and log in to your email account that you have given while registration.
Open an email from GFI Downloads and copy the activation key.
The GFI LanGuard License Key window appears. Paste the received activation key in the Enter License Key field and click OK.
GFI LanGuard starts installing after the completion of the installation; when the GFI LanGuard Setup window appears, click Next.
The End-User License Agreement wizard appears; accept the terms and click Next.
In the Attendant service credentials wizard, leave the Name field as default and enter the Password of the administrator account ; then, click Next.
- The Name field might differ in your lab environment.
In the Choose Destination Location wizard, leave the Folder location set to default and click Install.
The Installing GFI LanGuard wizard appears. After the completion of installation, the GFI LanGuard Central Management Server Setup window appears; then, click Next.
In the Service logon information wizard, leave the User Name field (Administrator user account) set to its default, enter the Password of the administrator account and click Next.
The Name field might differ in your lab environment.
The HTTPS Settings wizard appears; keep the name in its default and click Next.
The name field might differ in your lab environment.
In the Destination Folder wizard, choose the location where you want to install the application (here, the default location is selected) and click Next.
In the Ready to install wizard, click Install to proceed.
Once the installation is complete in the GFI LanGuard Central Management Server Setup window, click Finish.
In the GFI LanGuard Setup window, ensure that the Launch GFI LanGuard checkbox is selected. De-select the Launch GFI LanGuard Central Management Server checkbox and click Finish.
A GFI LanGuard pop-up appears on the main window of the application; click Continue evaluation.
The GFI LanGuard main window appears, and it begins to inspect the security status of the local computer.
Click Launch a Scan or View details.
A window indicates that a scan on the local machine is already in progress.
Allow the scan to finish analyzing vulnerabilities in the host machine.
Click Stop to halt the vulnerability scan on the host machine.
If the Stop scanning confirmation pop-up appears, click Yes.
The scan might take time to stop.
The Launch a New Scan page appears: specify the details required to scan a target/machine as follows:
Enter the IP address of the machine in the Scan Target field (here, the target machine is Windows Server 2016 [10.10.10.16]), and ensure that the Full Scan option is selected from the Profile drop-down list.
Ensure that Currently logged on user is selected in the Credentials drop-down list.
Click Scan.
This may vary in your lab environment.
GFI LanGuard takes some time to perform the vulnerability assessment on the intended machine.
Once the scanning is complete, a Scan completed! message is displayed under Scan Results Details, as shown in the screenshot.
The scanning takes approximately 20–30 minutes to complete.
To examine the scanned result, in the left pane under Scan Results Overview, click the IP address (10.10.10.16) node to expand it. The Vulnerability Assessment and Network & Software Audit nodes are displayed, as shown in the screenshot.
The results might differ in your lab environment.
Click the Vulnerability Assessment node. This shows category-wise details of assessed vulnerabilities. Click each category to view the vulnerabilities in detail.
Expand Ports and click Open TCP Ports to view all the open TCP Ports under the Scan Results Details section in the right pane, as shown in the screenshot.
Click System Information to view detailed information about the target system under the Scan Results Details section in the right pane.
Expand the System Information node and click Shares to view the details of shared folders in the target machine.
Similarly, you can click the Hardware and Software nodes to view detailed scan information.
Click the Dashboard tab to display the scanned network information. In the left pane, expand Entire Network, and then CEH; then, click SERVER2016.
Detailed information such as Vulnerability Level, Security Sensors, Computer Details, Scan Activity, and Results Statistics are displayed in the right pane, as shown in the screenshot
In real-time, using this vulnerability information about the target systems can be used to develop and design exploits suitable to break into a network or a single target.
You can further explore the tool by clicking on various options. For instance, click on Software from the options at the top to view a list of applications installed on the target machine under the Application Category list. You can also click on any application (here, Google Chrome) to view its detailed information under Details sections, as shown in the screenshot.
Click on the Vulnerabilities option; a list of various categories of vulnerabilities appears under the Vulnerability Types section. Click on any category of vulnerability (here, High Security Vulnerabilities): detailed information on this category is displayed under the Details section, and a list of vulnerabilities is displayed under the Vulnerability List section.
You can further explore scanned results by clicking various options such as Patches, System Information, Hardware, and Ports.
Now, click on the Report tab and click the Vulnerability Status type under General Reports from the right pane.
Information about the Vulnerability Status report appears in the right pane; click the Generate Report button to create the vulnerability report.
The Vulnerability Status report appears in the right pane. Click on the drop-down icon next to icon and choose the HTML File format.
The HTML Export Options window appears; leave the settings to default and click OK.
The Save As window appears; set the download location to Desktop. Rename the file to Vulnerability Status Report.html and click Save.
The GFI LanGuard pop-up appears; click Yes to open the file.
In the How do you want to open this file? pop-up, select any web browser (here, Firefox) and click OK.
The Vulnerability Status report appears; you can scroll down to view detailed information regarding discovered vulnerabilities.
This concludes the demonstration of scanning network vulnerabilities using GFI LanGuard.
