In order to set up vulnerability scanning on an IP address, you first need to add it to the 'Address Book'.
Once an IP address is stored in the address book, it can becomes available for selection in HackerGuardian's 'Start Scanning' area. You can add as many IP addresses as you like to the address book, and you can run as many concurrent scans on multiple IP's as allowed on the license you purchased.
The address book summary shows the list of user-stored IP addresses. The summary contains the following information:
- Disabled - Check this box to disable the IP scan temporarily;
- Name - The record name given while adding the IP in address book
- Address - This shows the IP address you specified.
- Status - Shows the validation status of the IP. After first applying, this will say 'Awaiting Validation'. Once we have validated the IP, it will change to 'OK'
- Valid From - Shows the date when the IP was validated.
Add New Address
Setting up a new IP address or IP range for scanning is a two stage process:
(1) The user applies for PCI Scan on an IP or IP range using the built-in form accessed by clicking 'Add New Address'
(2) Comodo staff validates that the applicant has the right to conduct scans on the specified IP or IP range.
Establishing that an applicant has the right to scan a particular IP is critical and cannot be avoided. If no validation took place, then the scanning engine could be used for illegal purposes. (For example, a hacker could enter the IP of a bank website, discover its vulnerabilities then use the information to carry out an attack on that IP). Therefore, you need to prove to use that you either own the IP or have permission from the IP owner to conduct scans.
To begin the process click
The Add IP address form appears:
- Record Name - Administrators can choose a friendly name for the IP address or range.
- IP Address - Enter the IP address you wish to configure for vulnerability scanning
- IP Range - Alternatively, HackerGuardian allows you to scan an entire range of IP's by entering the start and end addresses. e.g. 123.45.67.01 TO 40 will scan every IP in the range 123.45.67.01 TO 188.8.131.52
Note: You must enter external IP addresses in these fields. HackerGuardian will not scan private IP addresses that refer to machines internal to your network.
Private IPs ranges are defined by RFC 1918 as:
10.0.0.0 - 10.255.255.255 (10/8 prefix)
172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
192.168.0.0 - 192.168.255.255 (192/168/16 prefix)
If you check the box 'Please Confirm....' then we shall use your contact details to during our checks to validate IP ownership. If you leave the box unchecked, then you need to supply contact details of the person within your organization who can authorize the use of the IP. (Typically this will be your network administrator or head of technical services).
If you know that your ISP owns the IP you wish to scan, then please fill out your Internet Service Provider's (ISP) name, email and telephone number in the fields provided.
After you have filled out all the applicable fields, click Save. This will submit a validation request to Comodo staff that you wish to conduct scans on the stated IP or IP range.
I've submitted my desired IP to validation - what happens next?
After receiving your application, Comodo's validation staff will carry out a series of checks to establish that you own the IP or have authority to scan the IP.
- If Comodo's checks indicate you own the IP address(es) that you have entered, you will quickly be validated quickly and can begin scanning.
- If our checks show the IP address(es) are owned by your ISP, we will contact you to request that you send a statement indicating that you are authorized for the exclusive use of the IP. This can be in the form of an invoice from the ISP that expressly shows that IP, or a signed statement from the ISP. We may also need to contact the ISP to verify that statement.
After successful validation, the IP is stored in address book and will be available for selection whenever you want to Start Scanning
Addtional IP addresses can be purchased and added to your HackerGuardian license at any time. For more details, please refer to the Additional IP Packs section.
Note: You cannot use the VSA service if you have a Dynamic IP address supplied by your ISP. You can only use the VSA service if have a Static IP