Faizan Siddiuqi 1 Posted June 3, 2022 Posted June 3, 2022 Hi, we have Vulnerability scanner installed on a system where ESET endpoint antivirus also installed, but when we run the scan lot of detections appeared in Detection tab and it sent Network attack Alert notification. so my question is can we add the scanner system as an exception in this detection rule??
Administrators Marcos 5,741 Posted June 3, 2022 Administrators Posted June 3, 2022 You can temporarily disable Network attack protection before running a vulnerability scan:
Faizan Siddiuqi 1 Posted June 3, 2022 Author Posted June 3, 2022 ok, but can't we put this in exception?
Administrators Marcos 5,741 Posted June 3, 2022 Administrators Posted June 3, 2022 You can create temporary exceptions but temporarily disabling NAP is much easier and quicker since you need to disable it only for a short time.
Administrators Marcos 5,741 Posted June 3, 2022 Administrators Posted June 3, 2022 There are many attacks that are detected by NAP. Why do you prefer creating numerous exceptions that you would remove after running a vulnerability scan?
Faizan Siddiuqi 1 Posted June 3, 2022 Author Posted June 3, 2022 Actually we run scanner after every 15 days, we dn't want to enable or disable NAP manually every time.
Administrators Marcos 5,741 Posted June 3, 2022 Administrators Posted June 3, 2022 You can create IDS exceptions only for "attacks" from the IP of the machine on which the vulnerability scan is run.
Recommended Posts