Scanner Settings contents.gifindex.gif

Scanner Settings

Configures the scanner.

Verbose output: Enables additional output to the log files.

Scan if ping fails: The scanner attempts exploits if the host is not able to return ping requests. This is frequently the case when a firewall is between the host and the scanner. See Scan Always.

Grab Critical Files: Enables the scanner to copy critical files to the local system. These files are placed in the pwd directory located under the installation directory. This directory should be secured on installation, and the scanner warns the user if it is insecure at the beginning of a scan. The vulnerabilities that can permit the password file to be obtained are:

Sendmail Remote Execution

TFTP (Trivial File Transfer Protocol) Checks

NIS

Rsh

Rlogin froot

Anonymous FTP

Brute Force

Max Parallel Scans: Use this option to select how many parallel scans occur at one time. Parallel scanning speeds the scans, but increases the processor load and slows other processes on the machine running the scan. The maximum number of parallel scans is 64 in the Windows NT version.

Max Ports/Thread: Maximum number of ports that a thread can open at once.

Ping Timeout (ms): Maximum time out value for a ping, in milliseconds. This may be decreased on fast networks to allow more rapid network enumeration, or increased on slower networks if not all hosts are found.

Additional scan ports: The Scanner checks for services on over 100 well-known ports. In order to check for services on a wider range of ports, additional ports may be added using this option. The ports should be defined as either a range separated with a dash (1-3000), or as a comma separated list (5000,6000,7000). Ranges and lists can be combined. For example:

1-3000,6000,7000-9000