Comodo Help
Find the desired product help
Comodo Web Inspector

Comodo Web Inspector

Version 1.0

English

Print Help Download Help
The Administrative Interface > PCI Scanning > Account Preferences And Scan Settings > PCI Settings
  • Introduction To Comodo Web Inspector
  • The Administrative Interface
    • Logging-in To The Administrative Interface
    • Adding Websites For Daily Blacklist Monitoring And Malware Scanning
    • Managing Websites In Web Inspector
      • Removing A Website From Daily Blacklist Monitoring And Malware Scanning
      • Viewing Last Scanned WI Reports
      • Adding The WI Logo To Your Website
      • Validating Your Website
      • General Website Configuration
        • Disabling / Enabling A Website
        • Changing WI Notification Recipient Email Address
        • Web Inspector Scan Reports
        • False Positives
        • Scanning Options
        • Adding Trust Logo To Your Website
    • Managing Your Account
      • Web Inspector Area
      • My Account
      • Help
      • Contacts
    • PCI Scanning
      • Starting Up With Web Inspector PCI Scanning Service
        • Introduction To The Interface
        • Running Your PCI Scan
        • Viewing Executive Report, Charts And Vulnerability Reports
        • Accessing The Self Assessment Questionnaire
      • PCI Scanning Service - Infrastructure
      • PCI Scan
        • Overview
        • List Of Devices
        • How To Create A New Device
        • Devices Management
        • Start Scanning
        • Viewing A Dashboard Summary Of Scan Results
        • Viewing Executive Report, Charts And Vulnerability Reports
      • Internal Scanning
        • How To Add A New Device
        • Internal Devices Management
        • How To Install The Agent
        • Configuring The Agent
        • Using The Agent - Main Menu
          • HackerGuardian Agent
          • Network Configuration
          • Select A Device For Session Profile
          • Diagnostic Console
          • Shutdown System
        • Start Device Scanning
        • Viewing A Dashboard Summary Of Scan Results
        • View Reports And Statistics
      • Account Preferences And Scan Settings
        • My Account Area
        • Configure Email Alert And Global Alert Options
        • Custom Settings
        • PCI Settings
      • Scheduled Scans
        • Adding A New Scan Schedule
      • Web Inspector PCI Reports
        • Viewing Scan Reports
          • Filtering Options
        • Executive Report
        • Charts Page
        • Vulnerability Report
        • Mitigation Plan
        • Reporting False Positives
        • Downloading Reports Pack
        • Tracking Status Of Submitted False Positives
      • Purchasing Additional IP Packs
    • Web Inspector PCI FAQs
      • Web Inspector PCI Services - General FAQ
      • Web Inspector PCI Services - Technical FAQ
      • PCI FAQ
  • About Comodo Security Solutions

PCI Settings


The PCI Settings area enables the administrator to customize the scan start page and to include hidden urls to be scanned for a Device and to specify the maximum number of concurrent scans.

  • By default, the scanning is started from the main website page. If the index page of the website is different from the main site page, the administrator has to specify the index page url as the Start url, in order to start the scanning from the index page.
  • If the website(s) contained in the Device has hidden webpages, which are not linked from any other active page. Then the crawler will not be able to find them and include them for scanning. These hidden pages are to be scanned, Web Inspector PCI allows you to manually add them to the device for scanning.

 

To access the PCI Settings area

  1. Switch to 'My Accounts' area of the Web Inspector PCI interface.

  2. Click the 'PCI Settings' link in the 'My Accounts' area




This area allows the Administrator to:

  • Specify the target urls, including hidden urls to be scanned;
  • Specify the maximum number of allowed concurrent scans and select scan options

Specifying Target URLs for Scanning

  1. Select the Web Inspector PCI Device for which the PCI Settings are to be customized from the Device drop-down.

  2. Select the IP Address/Domain contained in the Device.

  3. Enter the start page or index page of selected domain in the StartUrl selection textbox and click Save/Add.

Note: The domain name need not be repeated and the startpage should not be ended with a “/” . If this field is left blank, the scanning will be started from the main website page.

For example, if the index page of the domain testdomain.com is www.testdomain.com/starturl/index.html, just enter “starturl” in the Start Url selection textbox.


  1. Enter the hidden url in the Hidden Url selection text box and click Save/Add.


Note: The start page url should be mentioned for each hidden url. The hidden url should be prefixed with a “/” . The domain name and the full path need not be repeated.

For example, if the hidden page of the domain testdomain.com/starturl is www.testdomain.com/starturl/hiddenpage, just enter “/hiddenpage” in the Hidden Url selection textbox. Placing the mouse cursor over the added hidden url will display the full path.




  1. Repeat the process for adding the start url and the hidden url for each hidden page in the website.


Setting Maximum Number of Allowed Concurrent Scan and Scan Options


In the PCI Scanning Options section, select the High, Medium or Slow radio buttons to specify the maximum number of concurrent scans. The number of allowed parallel checks are as given below:


High -

Six Parallel Checks

Medium -

Four Parallel Checks (default)

Slow -

One check at a time

 

Tip: Lower the number of concurrent scans, faster will be the process.


Scanning Options


Click the 'More Scan Options' link to view all the scanning options available.


This area enables administrators to configure general options pertaining to the scans. The settings chosen in this area will apply to any scan performed on selected device in the 'Overview' and 'Scheduled Scans' areas.


Scan Option Element Type Description

Ping the Remote Hosts

 Check box

Pings the remote hosts through TCP connection and reports to the plug-ins knowledge base on whether the remote host is dead or alive. This sends to the remote host a packet with the flag SYN, and the host will reply with a RST or a SYNACK.

Consider unscanned ports as closed

 Check box

Ports that are not specifically scanned will be assumed as in closed state.

Do an applicative UDP ping (DNS,RPC...)

 Check box

Performs a check if the host is up by sending a single UDP packet. The host is up if another UDP packet is returned or if an ICMP port unreachable message is returned.

Port Range

 Check box

 

Set the range of ports to be scanned. A special value of default is allowed which scans port 1-15000. To scan all TCP ports on the target host, enter '1-65535'. Enter single ports, such as "21, 23, 25" or more complex sets, such as "21, 23, 25, 1024-2048, 6000", or enter "default" to scan default ports.

Optimized Test

 Check box

Allows the scan to be optimized by only performing tests if information previously collected indicates a test is relevant. When disabled all tests are performed.

Nmap (NASL Wrapper)

 Check box

Runs nmap(1) to find open ports.

Scan for La Breatarpitted hosts

 Check box

Performs a labrea tarpit scan, by sending a bogus ACK and ACK-windowprobe to a potential host. Also sends a TCP SYN to test for non-persisting lebrea machines.

SYN Scan

 Check box

Performs a fast SYN port scan by computing the RTT (round trip time) of the packets moving back and forth between host and the target and using the value to quickly send SYN packets to the remote host.

Netstat Scanner

  Check box  

Runs netstat on the remote machine to find open ports.

Safe Checks

  Check box  

Some checks are potentially harmful to the target host being scanned. When this option is enabled scans which may harm the target host are not performed. This option should be disabled to perform a full scan.
Designate hosts by their MAC address
  Check box  

This option will identify hosts in the scan report by their Ethernet MAC address rather than their IP address. This is useful for networks in which DHCP is used.

Exclude top level domain wildcard hosts
  Check box  

Excludes the hosts whose addresses are returned by a wildcard on some top level domains or the web server.

Nessus TCP Scanner  Check box  

Enables classical TCP port scanner. It shall be reasonably quick even against a firewalled target. Once a TCP connection is open, it grabs any available banner for the service identifications. TCP scanners are more intrusive than SYN (half open) scanners.


    Our Products
    • Free Antivirus
    • Free Internet Security
    • Website Malware Removal
    • Free Anti-Malware
    • Anti-Spam (Free Trial)
    • Windows Antivirus
    • Antivirus for Windows 7
    • Antivirus for Windows 8
    • Antivirus for Windows 10
    • Antivirus for MAC
    • Antivirus for Linux
    • Free Endpoint Security
    • Free ModSecurity
    • Free RMM
    • Free Website Malware Scanner
    • Free Device Manager for Android
    • Free Demo
    • Network Security
    • Endpoint Protection
    • Antivirus for Android
    • Comodo Antivirus
    • Wordpress Security
    Cheap CDN
    • Bootstrap CDN
    • Semantic UI CDN
    • Jquery CDN
    • CDN Plans
    • CDN
    • Free CDN
    Enterprise
    • Patch Management Software
    • Patch Manager
    • Service Desk
    • Website Down
    • Endpoint Protection Solutions
    • Website Security Check
    • Remote Monitoring and Management
    • Website Security
    • Device Manager
    • ITSM
    • CRM
    • MSP
    • Android Device Manager
    • MDR Services
    • Ransomware Prevention
    • Managed IT Support Services
    • Free EDR
    Free SSL Certificate
    Support Partners Terms and Conditions Privacy Policy

    © Comodo Group, Inc. 2023. All rights reserved.