Arctic Wolf Unified Portal Telemetry ManagementUpdated Jan 17, 2024
Note: Disabling Common Gateway Interface (CGI) scanning prevents lockouts, but it does not mitigate risks. It also removes many Webmin checks that the scanner performs because Webmin applications often use the CGI language. CGI is a legacy feature for web-based Active Directory sign-in pages that consistently experienced false-positive account lockouts.
For example, if a typical Webmin page using CGI has a vulnerability, CGI scanning should discover this vulnerability. If the vulnerability involved threat actors that used known or default credentials to sign in to the system, there is a risk of account lockout. Disabling CGI scanning can limit the negative impact of account lockouts while you complete remediation steps to address the vulnerability.
Sign in to the Arctic Wolf Unified Portal.
Click Telemetry Management > Scanners.
Click Configure for the scanner that you want to view.
Tip: The scanner must be online for configuration changes. If needed, use filters to limit your results. See Scanner filters for more information.
In the Scanner Configuration section, do one of these actions:
- To enable CGI scanning, click the CGI Scanning toggle to the on position.
- To disable CGI scanning, click the CGI Scanning toggle to the off position.
Click Update Configuration.
This button is not available if the scanner is offline.