Mea,
If you want to get the standard reports that most people are used to from an ISS Scan, you'll need to also run a separate scan from the ISS Scanner Console against the server/system. See ISS Knowledgebase Answer ID 2115 for more details. Seems ISS deliberately disabled ISS Scanner Console scans from populating the SiteProtector database. It would be a great feature if there was an option available to also send data to SiteProtector when running independent ISS Scanner Console scans.
There has also been some forum discussion regarding having the ISS Scanner Console scans using a remote centralized database for storage but I believe this is not currently supported. I've tried to set it up myself, and have not been able to get the local ISS Scanner Console to recognize the remote database even when setting up a separate DSN that does communicate properly with the database. Seems the only way to consolidate scanning data is to export/import from the Desktop SQL install required by the ISS Scanner install.
I'm hoping the ISS will more closely integrate the independent scans with SiteProtector, or at least add an option when you run a scan to send the data to SiteProtector. Either that or improve the vuln. reports within SiteProtector.
Bob
Robert J. Craig, CISM, CISSP
Senior Security Engineer
NETSEC
13525 Dulles Technology Drive
Herndon, VA 20171
(703) 561-0420
(703) 832-4505 fax
[EMAIL PROTECTED]
http://www.netsec.net
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of ITSec
Sent: Wednesday, October 08, 2003 6:33 PM
To: MeaCulpa; [EMAIL PROTECTED]
Subject: Re: [ISSForum] Scans from SP 2.0 Console and Internet scanner
Once you make Internet Scanner part of RSSP, you will do all your scans from the Console-which can also be installed on the scanner system. The answer to your question is yes is can be done in one run. When you run your scan and have fusion enabled fusion works with the event collector to correlate the data using Attack component and Impact component....what will be seen in the Console Sensor Analysis tab will be whatever you decide to use for filters-and/or your analysis view.
----- Original Message -----
From: "MeaCulpa" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, October 06, 2003 5:36 AM
Subject: [ISSForum] Scans from SP 2.0 Console and Internet scanner
> Hi all,
>
> I read the archives, but I could not find an answer to the questions I
> have. So, here is the question.
>
> What I want to do is initiate scans from the SP Console to feed the
> Fusion module with the vulneralities information AND report on the
> vulnerability status of a server. Can this be done in one run, or
> should I run separate scans from the SP Console to feed Fusione en
> separate scans from the Scanner Console to report on known
> vulnerabilities?
>
> We are using SiteProtector 2.0, Fusion Module and Internet Scanner
> 7.0.
>
> Kind regards
> Mea
>
>
>
> _______________________________________________
> ISSForum mailing list
> [EMAIL PROTECTED]
>
> TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to
https://atla-mm1.iss.net/mailman/listinfo
_______________________________________________
ISSForum mailing list
[EMAIL PROTECTED]
TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to https://atla-mm1.iss.net/mailman/listinfo
