Even if you increase the port scan
options to include 1 - 65535, Internet Scanner does not perform a complete port
scan. This particular piece has been broken since the 5.x release (which
is when I noticed it, but may have been longer). Anyway, another configuration
change required is in the Tools pull down menu, select Options, and turn on the
options for:
Scan if ping
fails
Always run
Checks
Something else that needs to be
noted is that a large number of checks require Administrative privileges on the
systems you are scanning (not the scanner). This is another flaw, as
Administrative rights are not needed to exploit the
vulnerabilities.
The configuration change will
increase the time for the scan to complete. Also, continue to use NMAP,
it's a solid tool !! Take a look at Nessus as well, http://www.Nessus The side by side comparison will
amaze you..
-----Original Message-----
From: Evans, Mark [mailto:[EMAIL PROTECTED]]
Sent: Monday, October 07, 2002 1:23 PM
To: '[EMAIL PROTECTED]'; [EMAIL PROTECTED]
Subject: RE: [ISSForum] Internet Scanner & RDP (TCP 3389)You need to increase the port range under TCP Services. By default, IS only scans the well-known port range (0-1024).-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Monday, October 07, 2002 9:29 AM
To: [EMAIL PROTECTED]
Subject: [ISSForum] Internet Scanner & RDP (TCP 3389)Does anyone know what you have to enable in the Internet Scanner Policy to detect the RDP service (TCP 3389)? I scanned a range with nmap and it detected RDP running on a few hosts. However, an Internet Scanner scan of the same range didn't pick it up. I would expect it to be listed under the services tab? Is it possible that Internet Scanner is looking for the actual service while nmap is just seeing the open port?Wade Dauphinee
[EMAIL PROTECTED]
*****
"The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential, proprietary, and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from all computers."
