Skip to main content

1E 8.1 (on-premises)

Discovery.ScanPortsOnDevices

Method

ScanPortsOnDevices

Module

Discovery

Library

Discovery

Action

Probe a set of ports on a set of devices.

Parameters

IpRanges (string): A comma-separated list of IP address ranges that should be scanned for devices with ports.

    • This parameter should be of the form "<ipAddressLow>-<ipAddressHigh>[,<ipAddressLow>-<ipAddressHigh>...]", with no spaces.

      • e.g. "1.2.3.4-1.2.3.100,2.3.4.0-2.3.4.255".

    • Should not be empty

Ports (string): A comma-separated list of individual port numbers that should have a scan attempted on all the devices found.

    • This parameter should be of the form "<port>[,<port>...]"

      • e.g. "80,443,127,128,25"

    • Should not be empty

TimeoutPerPortMilliseconds (integer, optional, default 500): The maximum time period, in milliseconds, to wait for a port to respond before giving up. This needs to be tailored to suit the individual network to avoid giving up too soon and not learning anything.

    • TimeoutPerPortMillisecondsMin <= TimeoutPerPortMilliseconds <= TimeoutPerPortMillisecondsMax

ConcurrentIps (integer, optional, default 8): The maximum number of devices undergoing port scanning at once. Most of the time this method will be scanning "ConcurrentIps" devices until there are not that many to work on where it drops off as they finish.

    • ConcurrentIpsMin <= ConcurrentIps <= ConcurrentIpsMax

WaitBetweenPortsMilliseconds (integer, optional, default 500): The minimum time period, in milliseconds, to leave between the last successful port scan (ie anything but a timeout) and starting the next port scan, otherwise there will have already been a delay of length TimeoutPerPortMilliseconds, which generally would mean there is either no device at this IP address or a clever firewall is ignoring it.

    • WaitBetweenPortsMillisecondsMin <= WaitBetweenPortsMilliseconds <= WaitBetweenPortsMillisecondsMax

Return values

Ip (string): The IP address of the device in the IP-range the agent scanned

Port (integer): The port on the device that was scanned

Result (integer): The outcome of the scan of the port:

Identifier

Meaning

0

timeout

1

rejected

2

connected

Response (string): A blank field reserved for future use

Example

Discovery.ScanPortsOnDevices(IpRanges: "192.168.100.1-192.168.100.255", Ports: "22,23,25,53,80,443");

Platforms

  • Windows

  • Linux

  • MacOS

Notes

The default limits are configurable. The following configuration settings should be set to numbers only:

  • Module.Discovery.TimeoutPerPortMillisecondsMin (default 500)

  • Module.Discovery.TimeoutPerPortMillisecondsMax (default 10,000)

  • Module.Discovery.ConcurrentIpsMin (default 1)

  • Module.Discovery.ConcurrentIpsMax (default 32)

  • Module.Discovery.WaitBetweenPortsMillisecondsMin (default 500)

  • Module.Discovery.WaitBetweenPortsMillisecondsMax (default 10,000)

The following setting configures the maximum number of IP Addresses contained within a range; e.g. 10.10.10.1-10.10.10.254 would be a range of 254 IP addresses, so if IpAddressRangeSizeMax is set to 128 then it would reject 254 addresses, but would allow 10.10.10.2-10.10.10.129

  • Module.Discovery.IpAddressRangeSizeMax (default 32)

There is no minimum value to configure for this - a range could have zero IP addresses if it is specified.

In this section: