GFI LanGuard Agents are designed to be deployed on local(network) or remote servers and workstations. Once installed, the GFI LanGuard Agents can then be configured via LanGuard’s main server console, giving the administrator full control as to when the Agents will scan the host they are installed on, and communicate their status to the GFI LanGuard server.

Those concerned about system resources will be pleased to know that the GFI LanGuard Agent does not consume any CPU cycles or resources while idle. During the time of scanning, once a day for a few minutes, the scan process is kept at a low priority to ensure that it does not interfere or impact the host’s performance.

Discover how easy you can monitor, patch and update all workstations and servers using GFI LanGuard - Grab your free download now!

GFI LanGuard Agents communicate with the GFI LanGuard server using TCP port 1070, however this can be configured.

Let’s see how we can install the GFI LanGuard Agent from the server’s console.

First open GFI LanGuard and select Agents Management from the Configuration tab:

Figure 1. Select Agents Management and the Deploy Agents

 

Next, you can choose between Local domain or Custom to define your target(s):

This article examines the differences between logical and technical web application vulnerabilities which tends to be a very confusing topic especially for web application developers and security – penetration experts because it would make sense that a vulnerability by any other name is simply confusing something that should be simple.

However, there are significant differences between technical and logical vulnerabilities which are critically important — especially if you are developing or penetration testing a web application.

Automated web application security scanners are indispensable when it comes to scanning for potential vulnerabilities. Web applications today have become complicated the point where trying to eliminate all vulnerabilities manually is nothing short of foolish. The task is too large to even attempt. And, even if you did, you are likely to miss far too many as a result of human error.

Don’t let that lead you to believe that humans have no place in the process. While computers are indispensable in their ability to tirelessly scan for technical vulnerabilities, humans have the unique ability to not only think logically, but also analytically.

As a result, we still play a critical role in the process of identifying vulnerabilities in websites and web applications and will likely do so for some time to come.

But what is the difference between logical and technical vulnerabilities? And where should humans intervene in the detection process? To understand this, let’s take a closer look at the difference between the two.

Download Web and Network Vulnerability Scanner

Technical Vulnerabilities

Technical vulnerabilities is an area where automated scanners excel — it is a rule-based process. It is also time intensive, because of the vast number of attack vectors and potential vulnerabilities. For a human to complete this process, while possible, would be extremely expensive and likely full of both false-positives and false-negatives.

A common example of a technical vulnerability (for example SQL Injection) would be an application that requires information to be submitted by a user through a form. Any data submitted needs to be properly sanitized and failure to do so could make your application vulnerable to attack.

Testing for this is a simple task. For example, a hacker could probe for a vulnerability by submitting an email address with a single quotation at the end of the text. The response they receive might indicate the presence of a vulnerability.