Help Center> Host Security Service (Old)> FAQs> Others> How Do I Scan My Servers?
Updated on 2022-08-11 GMT+08:00
View PDF

How Do I Scan My Servers?

The HSS service detects risks and abnormal operations on servers in real time and performs a comprehensive scan for the servers every early morning. In addition, you can conduct manual detections to check key configuration information on servers.

At least a three-minute interval is required between two manual detections for the same item.

Prerequisites

The Agent Status of the server is Online, the Protection Status is Enabled, and the Edition is Enterprise or Premium.

Check Items

HSS will scan your servers for software information, Linux software vulnerabilities, Windows system vulnerabilities, Web-CMS vulnerabilities, web shells, password risks, and unsafe settings configuration.

Scan Duration

  • The scan for a single item (such as password risks) takes less than 30 minutes.
  • A comprehensive manual scan takes less than 30 minutes. Items are scanned concurrently.

Performing a Manual Scan with One Click

Performing a manual scan with one click can detect risky software information, vulnerabilities, web shells, key configuration information, weak password complexity policies, and accounts using weak passwords on the servers. After the scan is complete, you can view overall risk statistics or the details of a single server on the HSS console.

  1. Log in to the management console.
  2. In the upper left corner of the page, select a region, click , and choose Security & Compliance > Host Security Service.
  3. In the upper right corner of the Servers page, click Manual Scan.

    Figure 1 Performing a manual scan

  4. In the Manual Scan dialog box, select the target servers and click OK.

    Figure 2 Manual scan

  5. On the Dashboard page of the HSS console, view the overall detection result. Alternatively, on the Servers page, click View Scan Results in the Operation column of a server to view the manual detection results of the server.

Manually Checking an Item

  1. Log in to the management console.
  2. In the upper left corner of the page, select a region, click , and choose Security & Compliance > Host Security Service.
  3. In the navigation pane, choose Servers. In the Operation column of the server list, click View Scan Results.

    Figure 3 Viewing scan results
    • Checking software information

      Click Installed Software on the Assets tab, and click Scan.

      Figure 4 Viewing software information
    • Detecting vulnerabilities
      Click the Vulnerabilities tab. Click Linux Vulnerabilities or Web-CMS Vulnerabilities and click Scan.

      The manual detection of either software vulnerabilities or software information management will collect software information from servers.

      • Click Select the Vulnerability Management tab, select a system vulnerability, and click Scan. HSS will scan for system vulnerabilities immediately.
        Figure 5 Detecting system vulnerabilities
      • Click the Vulnerabilities tab. Click Web-CMS Vulnerabilities, select a vulnerability, and click Scan. HSS will detect Web-CMS vulnerabilities immediately.
        Figure 6 Detecting Web-CMS vulnerabilities
    • Detecting password risks

      Click the Unsafe Settings tab and click Password Risks. Click Scan to manually detect unsafe configurations.

      Figure 7 Detecting weak passwords
    • Detecting unsafe settings

      Click the Unsafe Settings tab and click Unsafe Configurations. Click Scan to manually detect unsafe configurations.

      Figure 8 Detecting unsafe settings

  4. Wait until Detection Status changes to Completed, click to refresh the detection results.
Parent topic: Others

Others FAQs

more