Port Discovery and Scanning

Port Discovery and Port Scanning

 

Detectify now scans for the top 8,500 ports for all customers who have Surface Monitoring enabled.

 

What Ports are scanned?

  • We are currently scanning the top 8,500 ports.

  • The 8,500 ports is a combination of top 1,000 and an internal list from Detectofy's own Security Researcher team.

  • Port discovery runs periodically, 2 - 3 times a day, for all Assets (and its sub assets (subdomains)) with Surface Monitoring enabled. This includes new and previously discovered assets.

 

Where can I see the port information?

We continuously scan and display all the open ports on the Assets page and on the subdomain tabs. 

 

Asset view and the subdomain view displays the number of open ports for the asset which is clickable. When clicked, it shows details of ports such as: IP address, protocol and, last seen which can be sorted.


 

Can I turn off port discovery?

In the advanced setting section, under  "Port discovery" can be used to disable port scanning (running tests) on auto discovered ports.

 

The default setting would be that all auto discovered ports are considered for stateless tests. When this setting is disabled, only ports 80 and 443 are considered for stateless tests and fingerprinting of technologies.