Product manual
GFI LanGuard 14 Script Debugger | 237
Screenshot 163: Adding vulnerability checks - Defining conditions
8. Select the relative condition setup in the wizard to finalize script selection. Click Finish to exit
wizard.
9. Click OK to save new vulnerability check.
14.3 SSH Module
GFI LanGuard includes an SSH module which handles the execution of vulnerability scripts on
Linux/UNIX based systems.
The SSH module determines the result of vulnerability checks through the console (text) data
produced by an executed script. This means that you can create custom Linux/UNIX vulnerability
checks using any scripting method that is supported by the target operating system.
14.3.1 Keywords
The SSH module can run security scanning scripts through its terminal window. When a security scan
is launched on Linux/UNIX based target computers, vulnerability checking scripts are copied through
an SSH connection to the respective target computer and run locally.
The SSH connection is established using the logon credentials (i.e. username and password/SSH
Private Key file) specified prior to the start of a security scan.
The SSH module can determine the status of a vulnerability check through specific keywords present
in the text output of the executed script. These keywords are processed by the module and
interpreted as instruction for the GFI LanGuard. Standard keywords identified by the SSH module
include the following: