Forum Discussion
Defender not detecting test Kali Linux devices connected to network
Hello, first time posting here. Our organization is trying to get more familiar with MS 365 Defender. Just to see what it would discover, we connected a device running Kali Linux (not domain joined...
Thanks for the reply, The Kali machines are connected to the same subnet as the one I was scanning. Trying to simulate a scenario where someone brings a foreign, unmanaged device inside our building and plugs it into our network.
- Yes it is
griggs31 hmmm
One thing you can try if its not coming up in the defender portal is an network device scan
See documentation below, there is a little bit of setup for this
Network device discovery and vulnerability management | Microsoft Learn
I'm a little bit surprised defender hasn't picked up your Kali box at all, especially in the uncategorized devices list
- I tried doing a Network Device Scan but this only discovered network devices (routers, switches, etc). The scan did ping the IP of the Kali Box along with the other endpoints in the subnet but they all came back with "An existing connection was forcibly closed by the remote host"