I am facing an issue with the scan credentials.
When I check the credentials on the device under the site page, they work just fine on both 135 and 445 ports.
But when I perform the scan, they end up failing.
I am using a Local Scan engine. Right now I don’t have the option to install agents on individual machines.
Did someone face a similar issue?
I would suggest enabling scanning diagnostics in your scan template and then rescanning that specific asset in question. After re-scan there should be an entry under the vulnerabilities for that asset labeled “Scanning Diagnostics: …” which you can click on to view the proof and possible remediation steps.
Thanks John!
I had that enabled to start with.
Do the diagnostics show up in the services section?
In that case I have the CIFS failing on port 445
The services show you a little information so like the fact that it’s failing on 445 is probably enough to start with but I’m referring to the vulnerabilities section which should have a separate line in there.
We just got this issue resolved.
Apparently, the option ‘Enable Windows services during a scan’ under scan template settings needs to stay enabled.
This allows the scan engine to modify Windows registry and modify credentialing issues automatically.
So how does this work when we are not allowed to modify registry keys on domain controllers and other high impact networked servers? Why when the two ports are clearly opened on the server, and the scanning credential is a domain admin, and the credentials work, are we still getting this problem?
This is making me rack my brain.
I faced a similar issue on one of our servers. We had to modify the host based FW configuration to get it to work. Apart from that, with the setting enabled, and use of Domain Admin creds, I don’t see any other reason.
Maybe support might be able to look a deeper dive into the logs and figure out at what point the credentials fail.