Troubleshooting

How do I avoid unwanted login attempts when performing a scan using on-prem?


When running a scan using on-prem deployment, the scanner will perform login attempts trying to detect certain vulnerabilities on your network. Most of these tests can be excluded by not selecting Include tests that perform login attempts in the scan configuration, Potentially dangerous tests and Password brute forcing in your scanning profile or exclude categories such as Brute force attacksCredentials and Default accounts from the scan settings categories.

We will soon add an option to exclude all login attempts, until then, if your environment is still affected by unwanted login attempts, you can try to exclude some or all these tests in you scanning profile:

Software detection plugins:

HID-2-1-339026
HID-2-1-034710
HID-2-1-034077
HID-2-1-332869
HID-2-1-035663
HID-2-1-347802
HID-2-1-334288
HID-2-1-035439
HID-2-1-334868
HID-2-1-334074
HID-2-1-346238
HID-2-1-33613
HID-2-1-331891
HID-2-1-346363

Malware detection plugins:

HID-2-1-534503
HID-2-1-534571

Generic intrusive plugins:

HID-2-1-33374
HID-2-1-37273
HID-2-1-37153
HID-2-1-34449
HID-2-1-336573
HID-2-1-33226
HID-2-1-34502
HID-2-1-334685
HID-2-1-334777
HID-2-1-136376
HID-2-1-036907
HID-2-1-036908
HID-2-1-33506
HID-2-1-33740
HID-2-1-33856
HID-2-1-384668
HID-2-1-34595
HID-2-1-332085
HID-2-1-38201
HID-2-1-332776
HID-2-1-33278
HID-2-1-332787

Intrusive tests that use port 22 (SSH):

HID-2-1-337951
HID-2-1-337489
HID-2-1-038971
HID-2-1-339855
HID-2-1-339991
HID-2-1-337796
HID-2-1-374661
HID-2-1-374660
HID-2-1-374671
HID-2-1-332570
HID-2-1-339986
HID-2-1-33613
HID-2-1-334716
HID-2-1-33262