Safeguard Community

Forum Asset Discovery Requirements

Asset Discovery Requirements

Mahmoud Emad over 1 year ago

Hello All,

Does Lunix Assets Discovery Job requires specific communication ports?

I tried to discover assets (While port 22 is open), but it fails

although i can add the same assets one by one successfully.

Top Replies

Mamen.Marco 11 months ago in reply to Tawfiq.Ahmad +1 verified

For Network Scan and in DMZ. SPP has access to the DMZ network and can ping every single server. What other ports are necesary to perform a Network Scan and onboard the different SOs.

Thanks

0 Tawfiq.Ahmad over 1 year ago

Hi Memad,

What version of SPP are you currently running?

Are you using Asset Discovery type as Directory or Network Scan?

Asset discovery using Directory requires the LDAP port 389

Network Scan Asset discovery, scans for the IP addresses on the network based on the IP range specified

Thanks!
Cancel
Up 0 Down

Reply

Verify Answer

Cancel
+1 Mamen.Marco 11 months ago in reply to Tawfiq.Ahmad

For Network Scan and in DMZ. SPP has access to the DMZ network and can ping every single server. What other ports are necesary to perform a Network Scan and onboard the different SOs.

Thanks
Cancel
Up +1 Down

Reply

Reject Answer

Cancel
0 Tawfiq.Ahmad 11 months ago in reply to Mamen.Marco

Hi Mamen,

SPP uses nmap (nmap.org/.../toc.html), and depending on what options you chose while creating the discovery job, SPP may use the following nmap arguments:

-sn for ping sweep (no port scanning)

--max-retries 2

--host-timeout 45s

--min-hostgroup 64

-O for OS fingerprinting (if you enable OS detection)

--top-ports 15 (Scans the 15 highest-ratio ports found in nmap-services file), for example the following TCP ports:

FTP 21

SSH 22

Telnet 23

SMTP 25

Domain 53

HTTP 80

POP3 110

MSRPC 135

NetBios-ssn 139

IMAP 143

HTTPS 443

Microsoft-ds 445

mySql 3306

ms-wbt-server 3389

http-Proxy 8080

Thanks!
Cancel
Up 0 Down

Reply

Verify Answer

Cancel