F-Secure Radar Discovery Scan ping detection fails due to switch redirection.

Issue:

Ping detection fails due to switch redirection using RADAR Discovery Scan.

Resolution:

We have added a new feature In F-Secure Radar that helps to resolve this issue. You need to modify your discovering scan template to use it. Follow the steps below to configure the top 100 port scan template without scanning or pinging port 80:

  1. Create a new discovery scan template:
  • Name the template (eg. "Port Scan (no 80 ping)")
  • For scan mode select Custom port scan
  • TCP range: 7,9,13,21-23,25-26,37,53,79,81,88,106,110-111,113,119,135,139,143-144,179,199,389,427,443-445,465,513-515,543-544,548,554,587,631,646,873,990,993,995,1025-1029,1110,1433,1720,1723,1755,1900,2000-2001,2049,2121,2717,3000,3128,3306,3389,3986,4899,5000,5009,5051,5060,5101,5190,5357,5432,5631,5666,5800,5900,6000-6001,6646,7070,8000,8008-8009,8080-8081,8443,8888,9100,9999-10000,32768,49152-49157
  • UDP range: 7,9,17,19,49,53,67-69,80,88,111,120,123,135-139,158,161-162,177,427,443,445,497,500,514-515,518,520,593,623,626,631,996-999,1022-1023,1025-1030,1433-1434,1645-1646,1701,1718-1719,1812-1813,1900,2000,2048-2049,2222-2223,3283,3456,3703,4444,4500,5000,5060,5353,5632,9200,10000,17185,20031,30718,31337,32768-32769,32771,32815,33281,49152-49154,49156,49181-49182,49185-49186,49188,49190-49194,49200-49201,65024 
  • Click Save
  1. Download the new template:
  • Select it on the templates list (click the checkbox)
  • Click Download scan settings
  • Edit downloaded file by adding '-PE -PP -PS443' node within '' (see Top 100 no 80 ping.xml)
  1. Upload modified template:
  • Click Upload scan settings on Radar templates list
  • Browse for your edited file and click "Upload"
  1. Use your newly created template in Discovery Scans.
Note: If you want to skip port 80 pings on other types of scans, the procedure is similar (add correct <AdditionalNmapOptions> in the config).

Article no: 000012266

Pricing & Product Info

For product info and pricing please go to the F-Secure product page

Version history
Revision #:
3 of 3
Last update:
‎09-10-2019 01:09 PM
Updated by:
 
Labels (3)