How can I identify the number of Documentum Content Servers in particular asset group? Do I need to run the aunthetication scan, any QID which we have in Qualys VM knowledge base.
Any hint will be helpful for me.
Thanks and Regards,
Creating OVAL vuln signatures is rather difficult, so I'm glad that you have Policy Compliance. To create a new control in Policy Compliance, click:
Policy Compliance -> Policies -> Controls -> New -> Control
From there you can pick out any criteria that you have discovered to identify a Documentum server (ie. Registry or File on Windows, File Existence or File Content on Unix).
After you've created the new Control, all NEW Policy Compliance scans will search for the defined criteria. You then just need to create a new (or edit an existing) Policy to display the results.
I'm not familiar with Documentum. Is that a software which you install on a Windows server? If so, then it should show up in QID 90235 from an Authenticated scan.
Yes this is the emc documentum server instance I am talking about, which have component content server installs on windows and unix boxes.
Let me know if additional information is required.
Thanks for your update.
Sent from my iPhone
Ah, then QID 90235 for Windows servers and QID 45141 on Unix servers should list Documentum in the "Results" section of the report. Take a look at a known Documentum server to confirm, and then the quickest route to get your list is under:
Assets -> Asset Search -> Asset Groups "All" -> QID "90235" -> with results -> containing -> "identifying string for Documentum" -> Search
Then repeat with QID 45141. Let me know if that works for you!
Alternatively you can create a new "OVAL" vulnerability signature which searches for a file or Registry entry, or it's even easier if you have Policy Compliance.
We hav policy compliance as well, can you please let me know what to follow in PC?
Thanks for your response.
Retrieving data ...