Discovery and Scan Settings

Discovery and Scan preferences affect the way Security Manager Plus performs network security assessment on target hosts. Listed below are various discovery and scan preferences that you as an administrator would require to configure/change based on network specific requirement .

 

Preference Description

TCP Ping
Security Manager Plus uses the mentioned ports for discovering the network resources. Default  : 21,23,80

 

Scanning Dead Hosts

 

Select the 'Scan Dead Hosts' check-box, in order to even scan hosts that do not respond to TCP ping on the ports specified above.
TCP Ports to Scan
Security Manager Plus performs port scanning to find open ports. Specify which TCP ports should be scanned during this process. Can perform port scan on all the 65,535 ports on a network device.
Default Setting : Standard Ports
Set Timeouts
Influences the time taken for discovery and scan.

Default Setting for :

  • TCP Connection Timeout  : 3000 milliseconds
  • TCP Read Timeout  : 3000 milliseconds
  • UDP Timeout  : 1000 milliseconds
SNMP Settings
Used when performing SNMP based OS detection.

Default Settings:

  • Port to be Used : 161
  • Community : (no entry)
  • Number of Retries : 0
HTTP
Directories scanned to check cgi scripts for HTTP vulnerabilities

Default Setting:

  • Directories to Scan for cgi scripts : cgi-bin
User Account Detection
Used for setting username and password brute-force level 

When enabled, the Security Manager Plus will attempt to guess the password corresponding to each detected username on each target host scanned. Select the level of brute forcing you prefer. Options provided are "Minimal" and "Exhaustive".

Default Setting : Minimal
Configure Nmap Commands

Used for configuring the commands of the Nmap detection software. Detection using Nmap will take place based on the parameters specified here. Exercise caution before changing these settings.
Defaults Settings :

  • OS Detection : $nmap -PE -PA$portList --host_timeout=300000 -O $host
  • Standard Port Scan : $nmap -PE -PA$portList --host_timeout=300000 -sV $host
  • Full Port Scan : $nmap -PE -PA$portList -p1-65535 --host_timeout=300000 -sV $host
  • UDP Port Scan : $nmap -PE -n -PA$portList --host_timeout=300000 -sU -pU:7,9,13,19,37,42,53,67,68,69,111,123,137,138,161,177,445,500,512,514,517,601,631,642,645,700,960,1900,2024,2049,4045,4500,32768,32771 $host

For Windows localhost

  • Standard Port Scan : $nmap -PE -PA$portList -sT -sV $host
  • Full Port Scan : $nmap -PE -PA$portList -sT -p1-65535 -sV $host

 

Copyright © 2010, ZOHO Corp. All Rights Reserved.
ManageEngine