Firewalls contents.gifindex.gif

Firewalls

Configures the firewall default user tests.

FW Check Login Name: Enables default user checks against firewalls.

FW Check DefBackwd: Use backward user names as passwords.

FW Check Real Name: Use names as passwords.

Additional Username Files: These files contain the user name - password pairs used in the firewall default user tests. At least one user - password pair must be entered in order for these checks to run. A # symbol designates a comment, and all user name - password pairs are delimited with a tab, a space, or a colon. Unless a full path is specified, the scanner searches the install directory for the files.

Stealth Scan: This option performs an exhaustive TCP port scan by using various TCP packets to determine the status of a port. This TCP port scanning never establishes a connection, so it may go undetected. Some filter-based firewalls may allow TCP port scanning even though they block connections to these ports.

Usually, when scanning for services offered by a given machine/target, the port is opened which will show up on the servers logs. Stealth scanning sends a sequence of rudimentary packets to the target port, and based on the response, the scanner is able to determine what ports are available without making a connection. This goes undetected by the target machine. It does not necessarily detect vulnerabilities, but will stealthily determine the services available as well as some give insight into the TCP/IP stack implementation.

When this option is selected, the scanner transmits a SYN packet, which prompts either a SYN/ACK or RESET response from the target port on the target machine. If a SYN/ACK is received, this indicates that the port is alive and there is enough information within the received packet to deduce the kind of port. The scanner sends back a RESET to close the test for that port. A session was never opened, so the scan will not be detected and the information about that port is logged. If a RESET is received, this indicates that this port is not in use.

Phase Limit: Sets the number of passes for the stealth scan. The higher the number of passes, the fewer false positives will be recorded.

Note: The stealth scan may require up to 2 minutes per host. This option works only on SunOS, Solaris, Linux, and Windows NT.