Find Windows shares that are readable by everyone, and report details like the number of files in the share and whether the files are writable. This is good for identifying groups of files that may need tighter access control.
Windows Share Enumeration is not available to Express Lite users.
|
Get Started |
|
Step 1: Accept the Dissolvable AgentStep 1: Accept the Dissolvable Agent The Dissolvable Agent must be accepted for your subscription. Go to Scans > Setup > Dissolvable Agent and check to be sure the Agent is accepted. If not, a Manager must accept go there and accept the Agent. Learn more |
|
Step 2: Configure Scan SettingsStep 2: Configure Scan Settings Go to Scans > Option Profiles, and select these options: - Enable the Dissolvable Agent - Enable Windows Share Enumeration You must also select the following options for vulnerability scans: - Enable Windows authentication - Make sure QID 90635 is included under Vulnerability Detection. If Complete is selected this QID will be tested. If Custom is selected, be sure that QID 90635 is added to a search list that's included. |
|
Step 3: Create Authentication RecordsStep 3: Create Authentication Records Create Windows authentication records with administrator / root privileges. Go to Scans > Authentication to manage authentication records. |
|
Step 4: Start Your ScanStep 4: Start Your Scan Scan hosts for Windows Share Enumeration. Make sure you choose the option profile with Windows Share Enumeration enabled, and the target hosts are in the Windows authentication record. Look at the Results section of your scan results to see the findings. See a sample vulnerability scan report and a sample compliance report. |