Running a DHCP Scan

Run vulnerability scans on clients requesting IP addresses from a DHCP server.

Vulnerability Scanner listens on port 67, which is the DHCP server’s listening port for DHCP requests. If it detects a DHCP request from a client, vulnerability scan runs on the client.

Note:

Vulnerability Scanner is unable to detect DHCP requests if you launched it on Windows Server 2008 or Windows 7.

  1. Configure DHCP settings in the TMVS.ini file found under the following folder: <Server installation folder>\PCCSRV\Admin\Utility\TMVS.
    Table 1. DHCP Settings in the TMVS.ini File

    Setting

    		 Description

    DhcpThreadNum=x

    Specify the thread number for DHCP mode. The minimum is 3, the maximum is 100. The default value is 3.

    DhcpDelayScan=x

    This is the delay time in seconds before checking the requesting computer for installed antivirus software.

    The minimum is 0 (do not wait) and the maximum is 600. The default value is 60.

    LogReport=x

    0 disables logging, 1 enables logging.

    Vulnerability Scanner sends the results of the scan to the WFBS server. Logs display in the System Event Logs screen on the web console.

    OsceServer=x

    This is the WFBS server's IP address or DNS name.

    OsceServerPort=x

    This is the web server port on the WFBS server.
  2. Launch Vulnerability Scanner.

    To Launch Vulnerability Scanner On:

    Steps

    The Security Server

    1. Navigate to <Server installation folder>\PCCSRV\Admin\Utility\TMVS.

    2. Double-click TMVS.exe.

    A client on the network

    1. On the Security Server, navigate to <Server installation folder>\PCCSRV\Admin\Utility.

    2. Copy the TMVS folder to the other client.

    3. On the other client, open the TMVS folder and then double-click TMVS.exe.
  3. Next to the Manual Scan section, click Settings.

    The Settings screen appears.

  4. Configure vulnerability scan settings. For details, see Vulnerability Scan Settings.
  5. Click OK.

    The Settings screen closes.

  6. In the Results table, click the DHCP Scan tab.
    Note:

    The DHCP Scan tab is not available on computers running Windows Server 2008 and Windows 7.

  7. Click DHCP Start.

    Vulnerability Scanner begins listening for DHCP requests and performing vulnerability checks on clients as they log on to the network.

  8. To save the results to a comma-separated value (CSV) file, click Export, locate the folder where you want to save the file, type the file name, and click Save.
Parent topic: Installing with Vulnerability Scanner