How Do I Scan My Servers?
The HSS service detects risks and abnormal operations on servers in real time and performs a comprehensive scan for the servers every early morning. In addition, you can conduct manual detections to check key configuration information on servers.
The manual detection can detect risky software, vulnerabilities, web shells, weak passwords, and key configurations.
At least a three-minute interval is required between two manual detections for the same item.
Prerequisites
The Agent Status of the server is Online, the Protection Status is Enabled, and the Edition is Enterprise or Premium.
Check Items
HSS will scan your servers for software information, Linux software vulnerabilities, Windows system vulnerabilities, Web-CMS vulnerabilities, web shells, password risks, and unsafe settings configuration.
Scan Duration
- The scan for a single item (such as password risks) takes less than 30 minutes.
- A comprehensive manual scan takes less than 30 minutes. Items are scanned concurrently.
Performing a Manual Detection with One Click
Performing a manual detection with one click can detect risky software information, vulnerabilities, web shells, key configuration information, weak password complexity policies, and accounts using weak passwords on the servers. After the detection is complete, you can view overall risk statistics or the details of a single server on the HSS console.
- Log in to the management console.
- In the upper left corner of the page, select a region, click
, and choose . - In the upper right corner of the Servers page, click Manual Detection.
Figure 1 Performing a manual detection
- On the Manual Detection page, select the target servers and click OK.
Figure 2 Manual detection
- On the Dashboard page of the HSS console, view the overall detection result. Alternatively, on the Servers page, click View Scan Results in the Operation column of a server to view the manual detection results of the server.
Manually Checking an Item
- Log in to the management console.
- In the upper left corner of the page, select a region, click , and choose .
- In the navigation pane, choose Servers. In the Operation column of the server list, click View Scan Results.
Figure 3 Viewing scan results
- Checking software information
Click Installed Software on the Assets tab, and click Manual Detection.
Figure 4 Viewing software information
- Detecting vulnerabilities
Click the Vulnerabilities tab. Click Linux Vulnerabilities or Web-CMS Vulnerabilities and click Manual Detection.
NoteThe manual detection of either software vulnerabilities or software information management will collect software information from servers.
- Click Select the Vulnerability Management tab, select a system vulnerability, and click Manual Detection. HSS will scan for system vulnerabilities immediately.
Figure 5 Detecting system vulnerabilities
- Click the Vulnerabilities tab. Click Web-CMS Vulnerabilities, select a vulnerability, and click Manual Detection. HSS will detect Web-CMS vulnerabilities immediately.
Figure 6 Detecting Web-CMS vulnerabilities
- Click Select the Vulnerability Management tab, select a system vulnerability, and click Manual Detection. HSS will scan for system vulnerabilities immediately.
- Detecting password risks
Click the Unsafe Settings tab and click Password Risks. Click Manual Detection to manually detect unsafe configurations.
Figure 7 Detecting weak passwords
- Detecting unsafe settings
Click the Unsafe Settings tab and click Unsafe Configurations. Click Manual Detection to manually detect unsafe configurations.
Figure 8 Detecting unsafe settings
- Checking software information
- Wait until Detection Status changes to Completed, click
to refresh the detection results.
- Prerequisites
- Check Items
- Scan Duration
- Performing a Manual Detection with One Click
- Manually Checking an Item