Port Discovery
Using the HD census of active IP devices, Asset Manager conducts a benign port scan that opens and gracefully closes the TCP service ports tested. Asset Manager avoids performing any application-level transactions because they can have unpredictable and undesirable effects on some systems.
Asset Manager records port open/closed status by sending the following packets for each targeted port and IP.
- TCP Syn
- TCP Syn/Ack Responses will result in TCP RST
Port List
The following is the default list of TCP ports used for Port Discovery in Asset Manager:
Vulnerable Ports
0,21-23,25,79,80,110,113,119,135,137,139,143,389,443,445,1002,1024-1050,1720,5000,8080
Infection Ports
21,23,25,80,113,137,139,555,666,1001,1025,1026,1028,1243,2000,5000,6667,6670,6711,6776,6969,7000,8080,12345,12346,21554,22222,27374,29559,31337,31338
If you do not select the Infectious and/or Vulnerable checkboxes in Port Discovery, you may still see the Asset Manager Network Index (LNI) chart showing a count greater than 0 associated with the Infectious and Vulnerable Ports columns.
Why? When you enter a port number in the following fields that is also on Asset Manager's Vulnerable or Infectious Port list, Asset Manager characterizes it as Vulnerable or Infectious, in appropriate reports.
- Path Discovery > Custom TCP Ports
- Host Discovery >Custom TCP Ports
- Ports Discovery > Custom TCP Ports
- Profile Discovery > HTTP Ports
- Profile Discovery > HTTPS Port
Configure Port Discovery
Populate the Custom TCP Port List with the following:
- Flat ASCII format, one entry per line
- Each entry is a port number and descriptor, separated by a space