User Guide

View Report

If you click View Report the following screen appears.

The View Report will have the following columns.

• Time - shows the Date and Time of the performed Scan.
• Target - shows the IP address for which scan has been performed.
• Status - shows whether the scan has been completely performed or not. If completely performed then the Status is shown Finished. If not completely performed then the status remains Failure.

To view the report click on any one of the Date and Time listed under the Time column. The following screen with the summary appears.

Report in details

If you click GO TO REPORT LIST in the Audit Report Screen, the following Screen appears.

In the Report List the IP which has been scanned, would be shown at the top of list.

The Report list displays sum of all vulnerabilities found during scan, and that followed by detailed description of the vulnerabilities one by one, which states the reason for not permiting to enter the server.

Synopsis

The Synopsis in the report tells the end user about the security hole. For example: if the protocol is encrypted, if debugging is enabled etc. Based on the synopsis a vulnerability description is given. The  vulnerability description in the report, suggests the Solution, Risk Factor and CVE.

Solution 

When there is a security warning / Vulnerability found, the report suggests you to take some action by giving a set of rules to be configured for the specfic port/service vulnerability.

Risk Factor - Low | Medium | High

In the report list the Risk Factor shows the severity of the vulnerability. Here NVD provides severity rankings of “Low”, “Medium”, and “High” in addition to the numeric CVSS scores but these qualitative rankings are simply mapped from the numeric CVSS scores:

• Vulnerabilities are labeled “Low” severity if they have a CVSS base score of 0.0-3.9.
• Vulnerabilities will be labeled “Medium” severity if they have a base CVSS score of 4.0-6.9.
• Vulnerabilities will be labeled “High” severity if they have a CVSS base score of 7.0-10.0. 

CVE

The CVE list provides an index of standardized names for vulnerabilities and other information security exposures - CVE aims to standardize the names for all publicly known vulnerabilities and security exposures.

Examples of universal vulnerabilities include:

• phf (remote command execution as user "nobody")
• rpc.ttdbserverd (remote command execution as root)
• world-writeable password file (modification of system-critical data)
• default password (remote command execution or other access)
• denial of service problems that allow an attacker to cause a Blue Screen of Death
• smurf (denial of service by flooding a network)

Examples of exposures include:

• running services such as finger (useful for information gathering, though it works as advertised)
• inappropriate settings for Windows NT auditing policies (where "inappropriate" is enterprise-specific)
• running services that are common attack points (e.g., HTTP, FTP, or SMTP)
• use of applications or services that can be successfully attacked by brute force methods (e.g., use of trivially broken encryption, or a small key space)

Each CVE name includes the following:

• CVE identifier number (i.e., "CVE-1999-0067").
• Indication of "entry" or "candidate" status.
• Brief description of the security vulnerability or exposure.
• Any pertinent references (i.e., vulnerability reports and advisories or OVAL-ID).

Compare Reports

The comparative Report gives all the information regarding the Date and Time you scanned the IP with number of hosts audited, security holes found, security warning etc., also with a Risk Factor Comparison Chart, which helps you to compare the risk level you had before with now.