2. Read Before Use

The Greenbone Security Manager (GSM) includes a full-featured Vulnerability Scanner. While the vulnerability scanner is designed to have a minimally invasive impact on your network environment, it still needs to interact and communicate with the target systems that are analyzed during a vulnerability scan.

Remember that it is the fundamental task of this solution to find and identify otherwise undetected vulnerabilities. The scanner must behave to a certain extent like a real attacker would.

While the default and recommended settings reduce the impact of the vulnerability scanner on the environment to a minimum, unwanted side effects may still occur. The scanner settings allow the control and refinement of the scanner's effects. Please be aware of the following general side effects:

  • Log and alert messages may show up on the target systems triggered by the probes of the vulnerability scanner.
  • Log and alert messages may show up on firewalls and intrusion detection and prevention systems.
  • Scans may increase latency on the target and/or the network being scanned, in extreme cases resulting in situations similar to a denial of service (DoS) attack.
  • Scans may trigger bugs in fragile or insecure applications resulting in faults or crashes.
  • Scans may result in user accounts being locked due to the testing of default username/password combinations.
  • Embedded systems and elements of operational technology with weak network stacks are especially subject to possible crashes or even broken devices.

Remember that triggering faults, crashes or locking with default settings means that an attacker can do the very same at unplanned times and to an unplanned extent. Finding out about it earlier than the attacker is the key to resilience.

While these side effects are very rare when using the default and recommended settings, the vulnerability scanner also allows the configuration of invasive behavior, which increases the probability of the effects listed above.

Before using the GSM to scan the target systems in your environment please be aware of these facts and verify that you are authorized to execute such scans.