You can configure the WinRM service used for authenticated scanning to handle network traffic over HTTP.

Note: Using HTTP for WinRM is not recommended outside a domain environment where the NTLM protocol does not provide a sufficient level of protection for credentials. This also means that using HTTP is particularly inadequate when using scan nodes that are deployed on Linux computers.

Note: In larger domain environments, it is highly recommended to configure the WinRM service via Group Policy.

    1. On the target computer where you want to run the WinRM service, run the following command to set up the remote management configuration:

Set-WSManQuickConfig –Force

Note: If the computer is on a public network, use the additional -SkipNetworkProfileCheck parameter, which enables a firewall rule for public networks.

This command ensures that the WinRM service is running and is set up to start automatically, creates an HTTP listener to accept WinRM requests, and creates a firewall exception for WinRM traffic.

    1. On the scan node, run the following command to add the target host to the TrustedHosts list:

Set-Item WSMan:\localhost\Client\TrustedHosts -Value ‘{IpAddress}’

Note: Use the IP address of the target computer. Use the wildcard character (*) instead of an IP address to add all computers.

Source : Official F-Secure Brand
Editor by : BEST Antivirus KBS Team

How useful was this post?

Click on a star to rate it!

Average rating 0 / 5. Vote count: 0

No votes so far! Be the first to rate this post.

(Visited 9 times, 1 visits today)