How Do I Scan My Servers?
The HSS service detects risks and abnormal operations on servers in real time and performs a comprehensive scan for the servers every early morning. In addition, you can conduct manual detections to check key configuration information on servers.
At least a three-minute interval is required between two manual detections for the same item.
Prerequisites
The Agent Status of the server is Online, the Protection Status is Enabled, and the Edition is Enterprise or Premium.
Check Items
HSS will scan your servers for software information, Linux software vulnerabilities, Windows system vulnerabilities, Web-CMS vulnerabilities, web shells, password risks, and unsafe settings configuration.
Scan Duration
- The scan for a single item (such as password risks) takes less than 30 minutes.
- A comprehensive manual scan takes less than 30 minutes. Items are scanned concurrently.
Performing a Manual Scan with One Click
Performing a manual scan with one click can detect risky software information, vulnerabilities, web shells, key configuration information, weak password complexity policies, and accounts using weak passwords on the servers. After the scan is complete, you can view overall risk statistics or the details of a single server on the HSS console.
- Log in to the management console.
- In the upper left corner of the page, select a region, click , and choose .
- In the upper right corner of the Servers page, click Manual Scan.
Figure 1 Performing a manual scan
- In the Manual Scan dialog box, select the target servers and click OK.
Figure 2 Manual scan
- On the Dashboard page of the HSS console, view the overall detection result. Alternatively, on the Servers page, click View Scan Results in the Operation column of a server to view the manual detection results of the server.
Manually Checking an Item
- Log in to the management console.
- In the upper left corner of the page, select a region, click , and choose .
- In the navigation pane, choose Servers. In the Operation column of the server list, click View Scan Results.
Figure 3 Viewing scan results
- Checking software information
Click Installed Software on the Assets tab, and click Scan.
Figure 4 Viewing software information
- Detecting vulnerabilities
Click the Vulnerabilities tab. Click Linux Vulnerabilities or Web-CMS Vulnerabilities and click Scan.
The manual detection of either software vulnerabilities or software information management will collect software information from servers.
- Click Select the Vulnerability Management tab, select a system vulnerability, and click Scan. HSS will scan for system vulnerabilities immediately.
Figure 5 Detecting system vulnerabilities
- Click the Vulnerabilities tab. Click Web-CMS Vulnerabilities, select a vulnerability, and click Scan. HSS will detect Web-CMS vulnerabilities immediately.
Figure 6 Detecting Web-CMS vulnerabilities
- Click Select the Vulnerability Management tab, select a system vulnerability, and click Scan. HSS will scan for system vulnerabilities immediately.
- Detecting password risks
Click the Unsafe Settings tab and click Password Risks. Click Scan to manually detect unsafe configurations.
Figure 7 Detecting weak passwords
- Detecting unsafe settings
Click the Unsafe Settings tab and click Unsafe Configurations. Click Scan to manually detect unsafe configurations.
Figure 8 Detecting unsafe settings
- Checking software information
- Wait until Detection Status changes to Completed, click to refresh the detection results.
Others FAQs
- What Should I Do If the Key Board Response Is Slow or If I Need to Enter Consecutive Digits in Chinese Windows OS?
- How Do I Use the Windows Remote Desktop Connection Tool to Connect to a Server?
- How Do I Check HSS Log Files?
- How Do I Enable Logging for Login Failures?
- How Do I Scan My Servers?
- Why Does Manual Detection Fail?
- Does HSS Have a Service Level Agreement?
- How Do I Clear an Alarm on Critical File Changes?
- Is HSS Available as Offline Software?
- Do I Have to Bind an EIP to My Server to Install an HSS Agent on the Server?
- Can I Use HSS Via APIs?
- Can HSS Alarm Logs Be Stored in OBS?
- How Do I Change the Server Bound to an HSS Quota?
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbotmore