Scan results

Scan results

  1. Scan results.

In this section, you can configure and manage the scans.

Clicking on scan results displays the vulnerabilities configuration view.

scan-results.png

This view shows a table listing the scans. The list can be sorted in ascending or descending order and displays the following columns:

3.1 The following scan configurations are already available:

3.3 View Results

This page shows the results for a task. It displays three graphs and a table.

Graphs

Table

For every result, the following information is displayed:

VULNERABILITY

Name of the found vulnerability. By clicking on the Name, details of the vulnerability are shown

SEVERITY

The severity of the vulnerability

QOD

Quality of Detection and shows the reliability of the detection of a vulnerability.

LOCATION

Port number and protocol type used to find the vulnerability on the host. By clicking on the Name, details of the vulnerability are shown

DATE

Date and time of the report creation

ASSET

Asset for which the result was found. The IP address is displayed. Click on Asset to view the asset detail

 

3.4 Filters

The user can employ the filters to display only the most significant results.

UTMStack provides the following filter parameters:

3.5 Status

Delete requested: The task was deleted. The actual deletion process can take some time, as reports need to be deleted as well.

Done: The task has been completed successfully

New: The task has not been run since it was created.

Requested: The task was just started.

Running: The task is currently running

Stop requested: The task was requested to stop recently. However, the scan engine has not yet reacted to this request.

Stopped: The task was stopped. The latest report is possibly not yet complete. After restarting the scanner, the task will be resumed automatically.

Internal error: An error has occurred, and the task was interrupted. The latest report is possibly not complete yet or is missing entirely.

All: All tasks

 3.6 Targets

This view shows a table with the list of targets.  The next columns are displayed:

 

Name

A descriptive name should be chosen if possible.

Hosts

Manual entry of the hosts that should be scanned, separated by commas,

Port list

Port list used if the target is used for a scan

Action

Three available options: task using the target, edit schedule, and target in use

 

Schedules

3.7 Schedules.

Select a previously configured schedule from the tabular list. The following details are displayed:

Action: You can execute the following actions:

You can filter the results by Name, first run, next run, period, and duration.

Click on the New schedule tab to configure a new schedule.

Port List

3.8 Ports list.

Managing Port Lists. All existing port lists can be displayed by clicking on the Port List tab.

For all port lists the following information is displayed:

Name Name of the port list. A global port list is marked with.

Comment: Associated comments

Last modification: Date and time of the last modification

Total: Total number of ports in the port list.

TCP:  Number of TCP ports in the port list.

UDP: Number of UDP ports in the port list.

You can filter the results by Name, time, and Port Ranges: Manual entry of the TCP, UDP ports ranges. If entering manually, the port ranges are separated by commas.

For all port lists, the following actions are available:

3.8.1 A new port list can be created as follows:

  1. Click on New Port List to display a popup window
  2. The following details of the port list can be defined:

Name Definition of the Name. The Name can be chosen freely.

Comment: An optional comment can contain additional information.

TCP:  Number of TCP ports in the port list.

UDP: Number of UDP ports in the port list

  1. Click Save.

Credentials

3.9 Credentials.

Credentials for local security checks are required to allow NVTs to log into target systems, e.g., for locally checking the presence of all vendor security patches.

An authenticated scan can provide more vulnerability details on the scanned system. The scan requires the prior setup of user credentials. These credentials are used to authenticate to different services on the target system. In some circumstances, the results could be limited by the permissions of the users used.

All existing credentials can be displayed by clicking on the Credentials tab.

For all credentials, the following information is displayed:

Name: Name of the credential

Type: Chosen credential type.

Allow insecure use: Indication whether the GSM can use the credential for unencrypted or otherwise insecure authentication methods.

Login: The user name for the credential if a credential type that requires a user name is chosen.

For all credentials, the following actions are available:

Click on the Name of a credential to display the details of the credential.

Creating a Credential

A new credential can be created as follows:

Click on New credential and configure the next parameters:

Name: Definition of the Name. The Name can be chosen freely.

Comment: An optional comment can contain additional information

Allow insecure use: Select whether UTMStack can use the credential for unencrypted or otherwise insecure authentication methods.

Username: Definition of the login name used to authenticate on the scanned target system.

Password: Definition of the password used to authenticate on the scanned target system.