Summary
This article outlines the necessary pre-requisites required to perform Agentless Scanning using Saner Network Scanner. These requirements vary based on the target device’s operating system (Windows, Linux, or macOS).
Scope
Applicable for all organizations using Saner Network Scanner to perform agentless vulnerability and configuration scans on endpoints within their environment.
Pre-requisites by Operating System
For Windows Devices
Required Network and System Configurations:
TCP Port 445 must be accessible from both the Network Scanner and the target device.
File and Print Sharing must be enabled on the target machine.
The admin share (typically
C$
or%systemroot%
) must be accessible.
Authentication Requirement:
A common administrator credential is needed.
For Domain Devices: Use a valid domain admin account.
For Local Devices: Use a local admin account with remote login access.
Additional Steps for Workgroup Devices:
To allow full token-based remote access for local admin accounts:
Press
Win + R
, typeregedit
, and press Enter.Navigate to the following key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
If the key LocalAccountTokenFilterPolicy does not exist:
Right-click in the right pane → New → DWORD (32-bit) Value
Name it:
LocalAccountTokenFilterPolicy
Set its value to
1
Close the registry editor and restart the system if needed.
For Linux and macOS Devices
Required Services and Configurations:
SSH Server must be installed and running on all target devices.
Port 22 (SSH) must be open and allowed through the firewall.
Authentication Requirement:
A common administrator credential must be available.
The user must either:
Have root privileges, or
Be part of the sudoers group with passwordless sudo (recommended)
Note:
These requirements apply to Linux/macOS target systems.
If the Network Scanner is installed on a Linux system, ensure that SSH is also configured properly on it.
Important Notes
The above pre-requisites apply only to target devices being scanned in agentless mode.
Endpoints designated as Network Scanner nodes do not need to meet these requirements.
Troubleshooting Tips
Ensure firewall rules and access controls allow the necessary ports and services.
Validate credentials by manually accessing the target device using the same method (e.g., SMB or SSH).
Use administrative tools to test for open ports and service accessibility before initiating the scan.
For further assistance with agentless scan setup or troubleshooting, contact the support team at support@secpod.com
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article