Comodo Web Inspector

• Introduction To Comodo Web Inspector
• The Administrative Interface
  • Logging-in To The Administrative Interface
  • Adding Websites For Daily Blacklist Monitoring And Malware Scanning
  • Managing Websites In Web Inspector
    • Removing A Website From Daily Blacklist Monitoring And Malware Scanning
    • Viewing Last Scanned WI Reports
    • Adding The WI Logo To Your Website
    • Validating Your Website
    • General Website Configuration
      • Disabling / Enabling A Website
      • Changing WI Notification Recipient Email Address
      • Web Inspector Scan Reports
      • False Positives
      • Scanning Options
      • Adding Trust Logo To Your Website
  • Managing Your Account
    • Web Inspector Area
    • My Account
    • Help
    • Contacts
  • PCI Scanning
    • Starting Up With Web Inspector PCI Scanning Service
      • Introduction To The Interface
      • Running Your PCI Scan
      • Viewing Executive Report, Charts And Vulnerability Reports
      • Accessing The Self Assessment Questionnaire
    • PCI Scanning Service - Infrastructure
    • PCI Scan
      • Overview
      • List Of Devices
      • How To Create A New Device
      • Devices Management
      • Start Scanning
      • Viewing A Dashboard Summary Of Scan Results
      • Viewing Executive Report, Charts And Vulnerability Reports
    • Internal Scanning
      • How To Add A New Device
      • Internal Devices Management
      • How To Install The Agent
      • Configuring The Agent
      • Using The Agent - Main Menu
        • HackerGuardian Agent
        • Network Configuration
        • Select A Device For Session Profile
        • Diagnostic Console
        • Shutdown System
      • Start Device Scanning
      • Viewing A Dashboard Summary Of Scan Results
      • View Reports And Statistics
    • Account Preferences And Scan Settings
      • My Account Area
      • Configure Email Alert And Global Alert Options
      • Custom Settings
      • PCI Settings
    • Scheduled Scans
      • Adding A New Scan Schedule
    • Web Inspector PCI Reports
      • Viewing Scan Reports
        • Filtering Options
      • Executive Report
      • Charts Page
      • Vulnerability Report
      • Mitigation Plan
      • Reporting False Positives
      • Downloading Reports Pack
      • Tracking Status Of Submitted False Positives
    • Purchasing Additional IP Packs
  • Web Inspector PCI FAQs
    • Web Inspector PCI Services - General FAQ
    • Web Inspector PCI Services - Technical FAQ
    • PCI FAQ
• About Comodo Security Solutions

Web Inspector PCI Services - Technical FAQ

 

• Do I need to allow the Web Inspector PCI scanning IP address?

• I signed up and got the following message: 'No vulnerabilities were found and the host did not respond to any of our checks' - what does this mean?

• Scan Compliancy - I have a dynamic IP assigned by my ISP. Can I still use Web Inspector PCI?

• I received an email saying new tests were added but Web Inspector PCI still shows the old number. How do I add them?

• Does Comodo maintain any statistics about what % of clients consistently a score of 0% on the 'High Risk' threats? Or what % of all commercial servers would have this score?

• How do I upgrade from a trial account to the full version?

• After upgrading, will I have to re-enter my IP/Domain information?

• I am an existing Comodo account holder (e.g. SSL) - can I use my existing Username and Password during purchase?

• Explain the password/username system to me.

• Can I scan private (internal) IP addresses?

• Scan Compliancy: How many concurrent scans can I run?

• How many ports does each service test?

• I have changed my password, and now cannot login to the Web Inspector website, why?

• Scan Compliancy: Does Web Inspector PCI use the latest CVSS v2?

Do I need to allow the Web Inspector PCI scanning IP address?

In order for the Web Inspector PCI scan to be successful your firewall must be set to allow the IP address the scan is coming from.

The IP ranges that Web Inspector PCI scans originate from are 208.116.56.32/28 and 91.209.196.32/28

I signed up and got the following message: 'No vulnerabilities were found and the host did not respond to any of our checks' - what does this mean?

This can mean one of two things.

Either:

1) The host is currently unreachable.
It could be that the host is unreachable because of a problem with your server.

Quite often, however, it is because your firewall is denying access to the Web Inspector PCI scanner. In order for the Web Inspector PCI scan to be successful your firewall must be set to allow the IP address the scan is coming from.

The IP ranges that Web Inspector PCI scans originate from are 208.116.56.32/28 and 91.209.196.32/28

Or:

2) No services are available on the host and it is secure.

Scan Compliancy: I have a dynamic IP assigned by my ISP. Can I still use Web Inspector PCI?

No. It is not possible to use the Scan Control Service unless you have a static IP.

I received an email saying new tests were added but Web Inspector PCI still shows the old number. How do I add them?

Click the tick at the top of the plug-selections to enable all new tests in the current scan.

This is explained in more detail in the Account Preferences and Scan Settings.

Does Comodo maintain any statistics about what % of clients consistently a score of 0% on the 'High Risk' threats? Or what % of all commercial servers would have this score?

Comodo does not maintain any sort of global statistics about the scan results we produce.

How do I upgrade from a trial account to the full version?

Upgrade PCI Scan Control Service

Click 'My Account' and in the 'Comodo WebInspector Subscriptions' screen click the 'Purchase More Licenses' link.

Or

Upgrade by buying the full version through this link:http://www.webinspector.com/product_price.php

Remember to select 'Existing Customer' and use your regular Comodo account username and password to during signup.

After upgrading, will I have to re-enter my IP/Domain information?

For thePCI Scan Control Service any previously validated IP addresses will still be usable.

I am an existing Comodo account holder (e.g. SSL) - can I use my existing Username and Password during purchase?

Yes. You should use the 'Existing Customer Option' and enter your existing Comodo UN/PW during the signup process. You can then also use your Comodo account Password and Username to log into the Web Inspector PCI interface athttps://app.webinspector.com/login

Explain the password/username system to me.

During signup you created a Comodo account with a Username and Password. This Username and Password has dual functionality:

1. Use it to log into your Comodo account and manage your Comodo account details. You can log in athttp://www.comodo.com
2. Use it to log into the Web Inspector PCI web-application interface. Do this using the login box at:https://app.webinspector.com/login

Also see the online help documentation at:http://help.comodo.com/topic-208-1-490-5111-Introduction-to-Comodo-Web-Inspector.html

Can I scan private (internal) IP addresses?

Yes. Internal IP addresses can be scanned if you have a Web Inspector PCI Scan Compliancy Enterprise license. It is not possible to scan internal IPs with the standard license.

Private IPs ranges are defined by RFC 1918 as:

10.0.0.0 - 10.255.255.255 (10/8 prefix)

172.16.0.0 - 172.31.255.255 (172.16/12 prefix)

192.168.0.0 - 192.168.255.255 (192/168/16 prefix)

How many concurrent scans can I run?

The number of concurrent scans you can run is 10% of the number of IP's covered by your license and the maximum number is 25. For example, if the number of IP addresses covered by your license is 50, you can run five concurrent scans on different IP's.

How many ports does each service test?

Different level of services will allow for different total numbers of ports to be scanned. (If you use the Scan Control service, you may define ranges of ports to be scanned within the 'Set Options' page in the 'Port Range' field.)

• The PCI Scan Control Service scan tests up to a total of 65,535 ports - the total number of ports available on your system.

• The Daily and Free services will scan the first 15,000 ports on your system. This is a targeted selection of the most commonly used (and commonly attacked) ports.*

Note that most services run on the reserved ports below 1024 and security industry experts agree that these are the most commonly targeted ports. In some circumstances it will be beneficial to test all 65,535 ports, but administrators should be aware that this will lengthen the scan time.

I have changed my password, and now cannot login to the Web Inspector website, why?

When you change your password there is a delay between changing it, and that change being synchronized with the Web Inspector database.

Please allow 15 minutes for the synchronization to take place after changing your password.

Does Web Inspector PCI use the latest CVSS v2?

Yes. Web Inspector PCI uses the latest Common Vulnerability Scoring System version 2 (CVSS v2). All Web Inspector PCI Scan customers are not impacted by the change from CVSS v1 to v2 as we have already been using v2.