UISO Vulnerability Scanners
QualysGuard Vulnerability Scanner
The QualysGuard Vulnerability Scanner (Qualys) is used to discover vulnerabilities on systems and websites on the IU network. In order to request access to the system, you will need to send an email to email@example.com with the following information.
- Unique name for your group. If possible ADS groups or HR Codes like IU-UISO are the optimal format for this.
- username and Full Name of chief persons in charge of dealing with scanning in your group (There can be more than one
- username and full name of any other users who will need to read scan reports
- If you're doing website scanning, a list of URLs to scan.
- If you're doing system scanning, a list of only IPs or CIDR blocks broken out in three sections.
- Machines in the IU DATA center
- Machines outside the IU DATA center with a static IP
- Any DHCP ranges you exclusively control
When logging into Qualys, you will always need to use the SAML login link. If you're prompted for a username and password and not CAS, you need to use this link.
You may need to provide access to the scanner if you use a host-based firewall or other protections against attack on the system. The scanner does not perform denial of service attacks. These IPs should be able to ping your hosts, but if you allow the scanner to access more open ports it will give more precise results.
Additionally, any public website will most likely be scanned from a remote scanner located in the following block:
Web Application Vulnerability Scanner
The Web Scanner attempts to discover vulnerabilities in your Web site. It begins by indexing your entire site looking for Web pages,then determines which tests it needs to run based on the type of Web site/pages present.
Read more about the Web Application Vulnerability Scanner.