Running_Vulnerability_Scan

Running Vulnerability Scan

Run Vulnerability Scan on multiple computers by specifying a range of IP addresses.

Vulnerability Scan can also run on computers requesting IP addresses from a DHCP server. Vulnerability Scanner listens on port 67 (DHCP Server listening port for DHCP requests). If it detects a DHCP request, Vulnerability Scanner can check for the presence of antivirus software on the requesting computer.

To run a manual vulnerability scan on a range of IP addresses:

1. Navigate to <Server installation folder>\PCCSRV\Admin\Utility\TMVS and double-click TMVS.exe. The Trend Micro Vulnerability Scanner console appears.

2. Under Manual Scan, type the IP address range of the computers you want to check.

• Vulnerability Scanner only supports a class B IP address range, for example, 168.212.1.1 to 168.212.254.254.

3. Click Start. The vulnerability scan results appear in the Results table under the Manual Scan tab.

• MAC address information does not display in the Results table if the computer runs Windows 2008.

4. To save the results to a comma-separated value (CSV) file, click Export, locate the folder where you want to save the file, type the file name, and click Save.

To run a vulnerability scan on computers requesting IP addresses from a DHCP server:

1. Configure DHCP settings in the TMVS.ini file found under the following folder: <Server installation folder>\PCCSRV\Admin\Utility\TMVS.

   DHCP settings in the TMVS.ini file

   Setting	Description
   DhcpThreadNum=x	Specify the thread number for DHCP mode. The minimum is 3, maximum is 100. The default value is 3.
   DhcpDelayScan=x	This is the delay time in seconds before checking the requesting computer for installed antivirus soft­ware. The minimum is 0 (do not wait), maximum is 600. The default value is 60.
   LogReport=x	0 disables logging, 1 enables logging. Vulnerability Scanner sends the results of the scan to the OfficeScan server and the logs display in the System Event Logs screen of the Web console.
   OsceServer=x	This is the OfficeScan server's IP address or DNS name.
   OsceServerPort=x	This is the Web server port on the OfficeScan server.

2. Navigate to <Server installation folder>\PCCSRV\Admin\Utility\TMVS and double-click TMVS.exe. The Trend Micro Vulnerability Scanner console appears.

3. In the Results table, click the DHCP Scan tab.

• The DHCP Scan tab is not available on computers running Windows 2008.

4. Click Start. Vulnerability Scanner begins listening for DHCP requests and performing vulnerability checks on computers as they log on to the network. When it detects an unprotected computer and verifies that the computer's IP address belongs to the defined IP address range, Vulnerability Scanner runs remote installation to install the OfficeScan client.

5. To save the results to a comma-separated value (CSV) file, click Export, locate the folder where you want to save the file, type the file name, and click Save.