This area enables administrators to configure general options pertaining to the scans. The settings you choose in this area will apply to any scan performed on selected device in the Scan Manager and Scheduled Scans areas.

HackerGuardian Set Options

Port range : This is the range of ports that will be scanned. A special value of default is allowed which scans port 1-15000. To scan all TCP ports on the target host, enter '1-65535'. Enter single ports, such as "21, 23, 25" or more complex sets, such as "21, 23, 25, 1024-2048, 6000", or put "default" to scan default ports.

Safe checks : Some checks are potentially harmful to the target host being scanned. When this option is enabled scans which may harm the target host are not performed. This option should be disabled to perform a full scan.

Parallel checks : This is the maximum number of security checks that will be performed in parallel. This may be reduced to a minimum of one to reduce network load.

Designate hosts by their MAC address : This option will identify hosts in the scan report by their Ethernet MAC address rather than their IP address. This is useful for networks in which DHCP is used.

Optimized the test : This option allows the scan to be optimised by only performing tests if information previously collected indicates a test is relevant. When disabled all tests are performed.

Nmap(NASL Wrapper) : This runs nmap(1) to find open ports. See the section (plugins options) to configure it.

Exclude toplevel Domain Wildcard host : The host you were trying to scan is blacklisted: its address is known to be returned by a wildcard on some top level domains or its the web server. You probably mistyped its name.

Scan for LaBreatarpitted hosts : This performs a Labrea Tarpit scan, by sending a bogus ACK and ACK-window probe to a potential host. It also sends a TCP SYN to test for non-persisting La Brea machines.

Nessus TCP Scanner : This is a classical TCP port scanner. It shall be reasonably quick even against a firewalled target. Once a TCP connection is open, it grabs any available banner for the service identifications. TCP scanners are more intrusive than SYN (half open) scanners.

SYN Scan : This performs a fast SYN port scan. It does so by computing the RTT of the packets coming back and forth between host and the target, then it uses that to quickly send SYN packets to the remote host.

Ping the Remote Hosts : This will TCP ping the remote host and report to the plugins knowledge base whether the remote host is dead or alive. This sends to the remote host a packet with the flag SYN, and the host will reply with a RST or a SYNACK.

Netstat Scanner : This runs netstat on the remote machine to find open ports.