Enterprise Recon 2.9.1
Websites
This section covers the following topics:
Licensing
For Sitewide Licenses, all scanned website Targets consume data from the Sitewide License data allowance limit.
For Non-Sitewide Licenses, website Targets require Server & DB Licenses, and consume data from the Server & DB License data allowance limit.
See Target Licenses for more information.
Requirements
Requirements | Description |
---|---|
Proxy Agent |
Required Proxy Agents:
|
TCP Allowed Connections |
|
Set Up a Website as a Target Location
- From the New Scan page, Add Targets.
- In the Select Target Type dialog box, select Server.
- In Enter New Target Hostname, enter the website domain name.
- Click Test. If ER2 can connect to the Target, the button changes to a Commit button.
- Click Commit to add the Target.
- In the Select Types dialog box, select Websites.
- Under Websites section, select Website (http://) or SSL Website (https://).
-
Fill in the fields as follows:
Field Description (Optional) Path See Path Options table to understand the parameters available to configure a website scan.
If Path field is left blank, only resources available at the Target website root directory will be scanned.(Optional) Credential Label Enter a descriptive label for the credential set. Only "Basic" HTTP authentication scheme credentials are supported.(Optional) Username Enter your user name. (Optional) Password Enter your password. Agent to act as proxy host The host name of the machine on which the Proxy Agent resides on. This selected Proxy Agent will be used to scan the website.
Recommended Least Privilege User ApproachTo reduce the risk of data loss or privileged account abuse, the Target credentials provided for the intended Target should only be granted read-only access to the exact resources and data that require scanning. Never grant full user access privileges or unrestricted data access to any application if it is not required.
- Click +Add customised.
Path Options
The following options can be defined in the Path field to setup a website Target scan:
Options | Description |
---|---|
<folder> |
Scan a specific directory on the website domain. If <folder> is not defined in the Path field, only resources available at the Target website root directory will be scanned. |
(port=<port>) |
Define a custom port for the Proxy Agent to establish a connection with the server hosting the Target website. If the Target website is hosted on a port other than the standard HTTP (80) or HTTPS (443) ports, the port option must be specified. |
(depth=<depth>) |
Specify the depth of the website scan:
|
(proxy=<proxy>) |
Specify the address of the HTTP proxy server. If the Proxy Agent has to connect to the Target website via a HTTP proxy server, the proxy option must be specified. |
The examples below describe the different scan scenarios based on the value in the Path field for a Target website hosted at http://www.example.com.
- folder1(depth=2)(port=8080)
Proxy Agent will receive instructions to scan the resources available in the following directories on port 8080:- www.example.com:8080/folder1/*
- www.example.com:8080/folder1/folder2a/*
- www.example.com:8080/folder1/folder2a/folder3a/*
- www.example.com:8080/folder1/folder2b/*
- www.example.com:8080/folder1/folder2b/folder3b*
- (proxy=proxy.example.com)
No folder or depth is defined. Proxy Agent will receive instructions to scan only the resources available in the root directory through the proxy server proxy.example.com:
- www.example.com/*
Sub-domains
Sub-domains are considered individual Targets, therefore each sub-domain must be licensed and scanned separately from apex domains.
- www.example.com
- example.com
- subdomain.example.com