Skip to main content
All CollectionsProduct InfoSecurity
Setting Up Software And CVE Discovery
Setting Up Software And CVE Discovery
Alex Patnick avatar
Written by Alex Patnick
Updated over 2 months ago

What Is Software and CVE Discovery?

Software Discovery is a feature that allows you to view the software running on any server, whether it is Linux or Windows-based.

CVE Discovery is a feature that allows you to view the vulnerabilities on any Linux server.

Linux Set-Up

To gather the information on all the running services on the Linux server, you need to provide credentials that are part of the SUDOers group and access needs to be allowed from the Faddom server or proxy on port 22 for SSH access to the target servers.

Windows Set-Up

For Windows, if the Faddom server is installed via Linux ova, this requires an additional proxy installed on an existing Windows server (see How to Setup the Faddom Proxy). This also requires a user account with permissions to run the following WMI queries:

  • \ROOT\StandardCimv2 - SELECT * FROM MSFT_NetTCPConnection

  • \ROOT\CIMV2 - SELECT * FROM Win32_Process

Note: In order to use this you may need to adjust your firewall rules as per the table below

Port Number

Port Assignment

135

DCE RPC Endpoint Manager
DCOM Control Software

49152-65535

DCOM

139

NetBios Session Software

445

Microsoft Directory Softwares SMB

  1. Select Settings > Software and CVE Discovery

  2. Click on New Task and you will be presented with the credentials screen

  3. Add New Host Credentials for the server(s) that you wish to see the software of, then enter the credentials as well as the server type, highlighted in blue.

  4. Click on the on the right-hand side, select the subnet(s) that you wish to run the discovery on and click Save. Faddom will scan all the servers it finds in the selected subnets and attempt to connect to each one with the provided credentials.

  5. You can set the schedule to determine when the software discovery will run below the discovery tasks table.

  6. If you have any issues running this feature please see our guide Troubleshooting WMI Connections for Software or User Discovery

Did this answer your question?