Scribd
Upload
26 views1 page

Required ports for network Scans

Uploaded by

ahmed gaafar
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
26 views1 page

Required ports for network Scans

Uploaded by

ahmed gaafar
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 1

Required User Permission and Open Ports

for Tenable.SC Network Scans


Running credential scans for network devices requires specific user permissions and open ports to ensure successful
communication and data retrieval. Here's a detailed breakdown of the requirements:

Required User Permissions:

1. Local Administrator Access: For Windows devices, you need local administrator privileges to access
the necessary system information and perform credential scans.
2. SNMP Access: For network devices like routers, switches, and firewalls, you need SNMP (Simple
Network Management Protocol read privileges to retrieve configuration information and
credentials.
3. SSH Access (Optional): For Linux-based devices, SSH (Secure Shell) access is recommended to
gather additional information and perform more advanced scans.

Required Open Ports:

1. TCP Port 161: SNMP utilizes TCP port 161 for communication with management devices. Ensure
this port is open on the target devices to allow the scanner to connect and retrieve information.
2. TCP Port 22 (Optional): If using SSH for Linux devices, ensure TCP port 22 is open to allow the
scanner to establish a secure connection.
3. TCP Port 443 (Optional): For HTTPS-based management interfaces, ensure TCP port 443 is open to
allow the scanner to communicate securely.
4. TCP Port 3389 (Optional): If scanning remote Windows desktops, ensure TCP port 3389 is open to
allow the scanner to connect and perform credential checks.
5. TCP Ports 139 and 445 (Optional): For SMB-based network devices, ensure TCP ports 139 and 445
are open to allow the scanner to communicate and retrieve credentials.

Additional Considerations:

• Network Segmentation: Ensure proper network segmentation to isolate sensitive devices and limit
access to authorized personnel.
• Firewall Rules: Implement firewall rules to restrict access to management interfaces and prevent
unauthorized scans.
• Scan Scheduling: Schedule scans during off-peak hours to minimize disruption to network
operations.
• Vulnerability Management: Integrate credential scan results into your vulnerability management
program to identify and remediate potential security weaknesses.

You might also like