Level 7

Host Detection Problems


I am experiencing host detection problems when I use the full vulnerability scan against my servers, especially when it comes to virtual servers. From a group of such servers hosted on a single server, Foundstone manages to actually scan only one of them... and that was not the host server... but one of the virtual ones... Any suggestions why that could happen? Just to let you know, those are Solaris servers. Actually, I have experienced plenty of OS Misidentification and Disability in Host Detection... I don't know if that is the reason but it is a fact.

Thank you

Level 12

Re: Host Detection Problems

That's hard to answer without looking at the daily log files and a pcap. If I had a support case this is how I would go about finding the issue.

  1. Install Wireshark on the scan engine and configure it to gather packets going to the target IP Address.
  2. Run a discovery scan.
  3. Analyze the daily log files to make sure the scan launched and ran.
  4. Analyze the pcaps to show that the scanner is sending packets to all IP Addresses in the scan.
  5. Show the customer that the scan engine sent the packets but for some reason outside of our control either the packets didn't come back or they didn't come back before the scan engine moved on to doing something else.

My guess based on lots of experience is that your targets didn't respond, but without data to look at it's hard to say.

Jeff Haynes
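
One way to do the pcap analysis in steps 4 and 5 above, as an added example that is not part of the original reply and is not Foundstone tooling: it tallies, per target, how many packets the scan engine sent and how many came back. It assumes the capture was saved in classic pcap format (Wireshark's default is pcapng) with untagged Ethernet/IPv4 frames; the addresses and the sample capture are constructed.

```python
import socket
import struct
from collections import defaultdict

def probe_reply_counts(pcap: bytes, scanner_ip: str) -> dict:
    """Return {target_ip: [packets_sent_to_it, packets_received_from_it]}."""
    endian = {0xA1B2C3D4: "<", 0xD4C3B2A1: ">"}.get(struct.unpack("<I", pcap[:4])[0])
    if endian is None or struct.unpack(endian + "I", pcap[20:24])[0] != 1:
        raise ValueError("expected a classic pcap file with Ethernet link type")
    counts = defaultdict(lambda: [0, 0])
    offset = 24  # skip the 24-byte global header
    while offset + 16 <= len(pcap):
        incl_len = struct.unpack(endian + "I", pcap[offset + 8:offset + 12])[0]
        frame = pcap[offset + 16:offset + 16 + incl_len]
        offset += 16 + incl_len
        # Keep only untagged IPv4: Ethernet (14 bytes) + minimal IP header (20).
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue
        src = socket.inet_ntoa(frame[26:30])
        dst = socket.inet_ntoa(frame[30:34])
        if src == scanner_ip:
            counts[dst][0] += 1
        elif dst == scanner_ip:
            counts[src][1] += 1
    return dict(counts)

def silent_targets(counts: dict) -> list:
    """Targets the scanner sent packets to but never heard back from."""
    return sorted(ip for ip, (sent, got) in counts.items() if sent and not got)

def build_sample_pcap(pairs) -> bytes:
    """Constructed capture for the demo: one bare IPv4 frame per (src, dst)."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for src, dst in pairs:
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 64, 1, 0,
                         socket.inet_aton(src), socket.inet_aton(dst))
        frame = b"\x00" * 12 + b"\x08\x00" + ip
        out += struct.pack("<IIII", 0, 0, len(frame), len(frame)) + frame
    return out

# Constructed addresses from the RFC 5737 documentation range.
SCANNER = "192.0.2.10"
SAMPLE = build_sample_pcap([
    (SCANNER, "192.0.2.21"), (SCANNER, "192.0.2.22"), (SCANNER, "192.0.2.23"),
    ("192.0.2.22", SCANNER),  # only one of the three targets answers
])

if __name__ == "__main__":
    print("no reply from:", silent_targets(probe_reply_counts(SAMPLE, SCANNER)))
```

A target that is in the scan range but missing from the result entirely had no IPv4 packet sent to it in the capture, which is a different finding from a target that was probed and stayed silent.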

