Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 14 Next »

External Scan - An external vulnerability scan is a scan that is conducted outside of the network you're testing. These scans target external IP addresses throughout your network, scanning perimeter defences like websites, web applications, and network firewalls for weaknesses. CyberCNS provides external scans with configurable profiles so that you have control over the depth of the scan that needs to be performed.

In order for the external scan to work the IP and hostname will be scanned from the following IP Addresses based on the region. Your region is the suffix on your portal URL. If your URL is portaluseast2.mycybercns.com then your region is useast2. The IPs are as listed below.

Region

Originating IP Address for External Scan

USWEST2

44.231.123.15

EUCENTRAL1

35.158.55.215

EUWEST2

13.41.172.255

APSOUTHEAST2

54.206.202.191

USEAST2

3.22.165.174

Running External Scans using CyberCNS

  • Choose a company for which you need to run a scan, and navigate to External Scan to create a profile.

Profiles

Users can create different profiles based on the requirement and attach them to assets to be scanned for external scans.

  • In the profile sections, you can create your own profiles and can add these profiles in the Configurations section.

  • There are three Default Profiles, that are

🔹 Quick Scan: This covers the top 1000 ports defined by IANA, which covers up to 65% risk profile.

🔸 Detailed Scan: This covers the top 3500 ports defined by IANA, which covers up to 94% risk profile.

🔹 Deep Scan: This will scan all 65535 ports, this can take 10 minutes to hours.

CyberCNS uses Connect Scan protocol for default profiles.

  • If you want to create your own Custom Profiles click on +Add.

  • In the profiles section, enter the Profile Name as required and select the Port Scan Type.

  • There are two types of Ports, those are Top Ports and Custom Ports.

Top Ports

  • In Top ports, you can choose the number of ports(100, 500, 1000, 3000, 5000, 10000, and 65535 ports) as required.

  • Choose the Protocols as required.

🔹 Sync

🔸 Connect

🔹 Xmas Scan

  • Choose the Service Detections as required and click on Save.

  • Once the profile is created successfully, you can either Edit or Delete the created profile in case required.

Configurations

  • When the profile is created, navigate to the Configurations section and click on +Add to add the External Scan Endpoints.

  • Select the Discovery Type as required.

🔹 IP Range: Discovery Type selected as IP Range, then please provide the Start IP and End IP of the range selected.

🔸 Static IP: Discovery Type selected as Static IP, then need to provide a single IP address to scan.

🔹 Domain Name: Discovery Type, selected as Domain Name, then need to provide a Domain Name.

  • The created profile can be chosen here if required, if not can select the Scan profile.

  • Enter the secure ports for the required IP address.

  • To enter multiple ports, press the enter key or enter a comma before adding the next port.

  • Once all the details are provided, click on Save.

  • Can select the checkbox in case need to exclude the IP from scanning.

  • To start the scan, select the checkbox to Scan the added IP and then click on Scan Now under Global Actions, or under the Action select the option Scan Now.

  • There is an option to Edit or Delete the Discovery Type using the Action column. Any Discovery Type can be edited or deleted if needed.

Jobs

All the jobs for the external scan will be shown in the Jobs tab. This will list all jobs which were initiated and with their status.

  • When the scan begins, navigate to the Jobs section to check the Job Completion.

Results

All the Results for the external scan are shown in the Results tab.

  • Once the scan is completed, navigate to the Results section, to view the details of the added IP.

  • For the added IP can get the details based on the Selected profile.

  • Information such as Ports Scan, Protocol Scan, Service Detections, OverAll Grade, Open Ports, Vulnerabilities, and Operating System Details will be displayed.

Custom Ports

  • For custom ports, enter multiple ports of your own by adding commas. Choose the Protocols as required from below:

🔹 Sync

🔸 Connect

🔹 Xmas Scan

  • Choose the Service Detections as required and click on Save.

  • Select the Discovery Type as required and the created profile can be chosen here if required, if not can select the Scan profile.

  • Once all the details are provided, click on Save.

  • In case of exclusion of certain IP/IPs from scanning, select the checkbox of “Exclude from scanning”.

  • To start the scan, select the checkbox for the added IP and use Global Actions OR under the Action column select the option to Scan Now.

  • There is an option to Edit or Delete the Discovery Type using the Action column. Any Discovery Type can be edited or deleted if needed.

All the jobs for the external scan will be shown in the Jobs tab. The list of jobs which are initiated is shown with their status.

  • When the scan begins, navigate to the Jobs section to check the Job Completion.

All the Results for the external scan will be shown in the Results tab.

  • Once the scan is completed, navigate to the Results section, to view the details of the added IP.

  • For the added IP can get the details based on the Selected profile.

  • Overall Grade, Open Ports, Vulnerabilities, Operating System Details, Common SSL Vulnerabilities, and Certificate details will be displayed.

  • One can download the individual External Scan result by clicking on the download icon( (blue star)).

Web Vulnerabilities

  • Click View Details under the Vulnerabilities section to get more information about the vulnerabilities.

  • Details such as Category, CVSS, Severity, Remediation, Impact and Description are captured for Vulnerabilities.

SSL Attacks and Certificates

  • Common SSL Vulnerabilities like DROWN, POODLE & HEARTBLEED are checked for.

  • SSL Certificates if any are found on the system, the details as shown below will be available in this section.

  • This completes the documentation of External Scan.

  • No labels