Cisco Cisco Firepower Management Center 2000
43-14
FireSIGHT System User Guide
Chapter 43 Configuring Active Scanning
Managing Nmap Scanning
Note that this option scans port 80 by default and that TCP SYN scans are less likely to be blocked
by a firewall with stateful firewall rules.
by a firewall with stateful firewall rules.
•
To send an empty TCP packet with the ACK flag set and elicit an RST response on available hosts,
select
select
TCP ACK.
Note that this option scans port 80 by default and that TCP ACK scans are less likely to be blocked
by a firewall with stateless firewall rules.
by a firewall with stateless firewall rules.
•
To send a UDP packet to elicit port unreachable responses from closed ports on available hosts,
select
select
UDP
. This option scans port 40125 by default.
Step 17
If you want to scan a custom list of ports during host discovery, type a list of ports appropriate for the
host discovery method you selected, separated by commas, in the
host discovery method you selected, separated by commas, in the
Host Discovery Port List
field.
Step 18
Configure the
Default NSE Scripts
option to control whether to use the default set of Nmap scripts for host
discovery and server, operating system, and vulnerability discovery:
•
To run the default set of Nmap scripts, select
On
.
•
To skip the default set of Nmap scripts, select
Off
.
Step 19
To set the timing of the scan process, select a timing template number; select a higher number for a faster,
less comprehensive scan and a lower number for a slower, more comprehensive scan.
less comprehensive scan and a lower number for a slower, more comprehensive scan.
Step 20
Click
Save
, then click
Done
.
The remediation is created.
Managing Nmap Scanning
License:
FireSIGHT
You can modify or delete Nmap scan instances and remediations as needed. You can also run an
on-demand Nmap scan. You can also view or download Nmap results for previous scans. For more
information, see the following sections:
on-demand Nmap scan. You can also view or download Nmap results for previous scans. For more
information, see the following sections:
•
•
•
Managing Nmap Scan Instances
License:
FireSIGHT
You can edit or delete Nmap scan instances. For more information, see the following sections:
•
•
Editing an Nmap Scan Instance
License:
FireSIGHT