IP Scanning
Last updated
Was this helpful?
Last updated
Was this helpful?
The CyberCyte can scan the internal network and display the results on the portal. For IP scanning the portal requires a Linux machine, on the machine CyberCyte agent will scan the network and return results to portal.
Please follow these steps below:
Please login to the CyberCyte Portal.
Navigate to "Rules & Policies" -> "Policy Management" and search for "Def. IP Scan & Network Testing Policy". Click on the policy name or three dots right side of the entry and click on the "Edit" button.
The default collection interval is 30 minutes. Users should fill these fields below:
Scanner Host: The scanner host must be a Linux machine with CyberCyte agent.
IP Block: For example 192.168.1.0/24, the field can take multiple IP blocks, users need to type the IP block and press enter for apply.
The other sections are designed for scenario and vulnerability tests. Other fields are optional. If users want to execute vulnerability and scenario tests on the network, the "Execute Standard Scenario Tests" and the "Execute Vulnerability Scan" options should be enabled, also the "Run Vulnerability Scan Every X" should be selected as users requirements.
Assigned Groups
The groups for policy assignments.
Collection Interval
The interval for executing the policy.
Scanner Host
The scanner host for scanning the IP block and execute scenario tests.
IP Blocks
The IP blocks for scanning.
Enable Port Scan
The option for enabling the port scan. Enabled by default.
SNMP Community Strings
The community strings for SNMP, defaults are "public", "private" and "admin".
Execute Standard Scenario Test
The option for executing the standard scenario tests.
Execute Brute Password Tests
The option for executing the brute password tests.
Execute Vulnerability Scan
The option for executing vulnerability scan.
Run Vulnerability Scan Every X
The interval for executing the vulnerability scan.
Begin Vulnerability Scan After
The time field for beginning of the vulnerability scan.
Begin Vulnerability Scan Before
The time field for before the vulnerability scan.
Credentials
The section for selecting the provided credentials.
Enable Tenable Nessus Scan
The option for enabling Tenable Nessus scan. Disabled by default.
Tenable Nessus Address
The address of the Tenable Nessus
Tenable Nessus Credential
The section for selecting the Tenable Nessus credential.
Tenable Nessus Use Existing Per Host Scan Policy
The option for enabling Tenable Nessus "Use Existing Per Host Scan Policy".
Tenable Nessus Existing Per Host Scan Policy Name
The section for selecting of the Tenable Nessus "Existing Per Host Scan Policy".
Tenable Nessus Use Existing Network Scan Policy
The option for enabling Tenable Nessus "Use Existing Network Scan Policy".
Tenable Nessus Existing Network Scan Policy Name
The section for selecting of the Tenable Nessus "Existing Network Scan Policy".
Tenable Nessus Perform Network Scan
The option for enabling Tenable Nessus "Perform Network Scan".
Tenable Nessus Network Scan Ranges
The section for selecting of the Tenable Nessus "Network Scan Ranges".
Enable Acunetix Scan
The option for enabling Acunetix scan.
Acunetix Address
The section for providing Acunetix address.
Acunetix Credential
The section for providing Acunetix credential
Acunetix Target URLs
The sction for providing Acunetix target URLs.
CyberCye platform can integrate with Tenable Nessus, if the credentaisl provided on the policy settings, the agent will connect to Tenable Nessus and execute vulnerability scans per host.
After everything is configured, please click on the "Save" button. The result can be observed under the "Asset Management" and "Security Assurance" -> "Vulnerability Management" pages.
