AnsweredAssumed Answered

Maintaining unix authentication record(s)

Question asked by qcberb on Feb 25, 2015
Latest reply on Feb 8, 2019 by Rusty Qualyz

Here is the setup for this question.



Maintaining the list of IP's contained in a unix auth record can be time consuming and/or cause delays for others needing a scan to happen.  I keep adding new systems as they come online because we want authenticated scans.  Removing IP's is another story...  This brings us to the question...


What is the downside, if any, of just adding the entire IP space (in this case, say a large block of rfc 1918 space) to a unix auth record.  Knowing that some or even most of those sytems will be windows or some other non-unix variant.  If the option profile says to use unix and windows auth, will Qualys try all types of auth records or will it quit after some number of failed attempts assuming it chooses the wrong authentication record (or authentication record type) first?  I assume Qualys tries to make an educated guess as to what the OS is before attempting to find an applicable authentication record.


If it does work, how much time may be wasted while failing to authenticate with the 'wrong' records method?


So to summarize.... Is there any negative side effect of having non-unix system IP's in a unix authentication record?  Other than efficiency :-)