Shulou(Shulou.com)06/02 Report--

Instructions for using X-Scan-v3.3

one。 System requirements: Windows NT/2000/XP/2003

In theory, it can run on Windows NT series operating system, and it is recommended to run on Server version of Windows system above Windows 2000.

two。 Function introduction:

Multithreading is used to detect security vulnerabilities in the specified IP address range (or stand-alone), and the plug-in function is supported. The scanning content includes: remote service type, operating system type and version, various weak password vulnerabilities, backdoors, application service vulnerabilities, network device vulnerabilities, denial of service vulnerabilities and so on. For most known vulnerabilities, we have given corresponding descriptions, solutions and links to detailed descriptions, and other vulnerability materials are being further collated and improved. you can also check the relevant instructions through the "Security Digest" and "Security vulnerabilities" columns of this site.

Version 3.0 and subsequent versions provide a simple plug-in development kit to facilitate friends with a programming foundation to write or modify other debugged code into X-Scan plug-ins. In addition, the translation of the Nessus*** script has begun. All friends who are interested in the online sense of security are welcome to participate. If you need "Nessus*** script engine" source code, X-Scan plug-in SDK, sample plug-in source code or friends who are willing to participate in script translation, you can get more information through the site "X-Scan" project link: "http://www.xfocus.net/projects/X-Scan/index.html".

three。 Required documents:

Xscan_gui.exe-the main program of X-Scan graphical interface

Checkhost.dat-- plug-in scheduling main program

Update.exe-online upgrade of the main program

* .dll-- dynamic link library required by the main program

Instructions for using .txt-- instructions for using X-Scan

/ dat/language.ini-multilingual profile, which can be switched by setting the item "LANGUAGE\ SELECTED"

/ dat/language.*-multilingual data file

/ dat/config.ini-current configuration file to save all settings currently in use

/ dat/*.cfg-user-defined profile

/ dat/*.dic-username / password dictionary file, used to detect weak password users

/ plugins-- used to store all plug-ins (suffix .xpn)

/ scripts-- used to hold all NASL scripts (suffix .nasl)

/ scripts/desc-used to store multilingual descriptions of all NASL scripts (suffix .desc)

/ scripts/cache-used to cache all NASL script information to speed up scanning (this directory can be deleted)

four。 Preparatory work:

X-Scan is completely free software, no registration, no installation (unzipped to run, automatically check and install the WinPCap driver). If you have installed an incorrect version of the WinPCap driver, reinstall WinPCap 3.1beta4 or install a later version from tools > Install WinPCap on the main window menu.

five。 Graphical interface setting item description:

Detection range module:

"specify IP range"-you can enter a separate IP address or domain name, or you can enter an IP range separated by "-" and ",", such as "192.168.0.1-20192.168.1.10-192.168.1.254", or a mask format similar to "192.168.100.1 IP 24".

"get host list from file"-Select this check box to read the host address to be tested from the file, the file format should be plain text, each line can contain a separate IP or domain name, or an IP range separated by "-" and ",".

Global Settings module:

Scan Module item-Select the plug-ins that need to be loaded for this scan.

Concurrent scan item-sets the number of hosts and concurrent threads for concurrent scanning, or you can set the maximum number of threads for each plug-in for each host.

"Network Settings" item-sets the appropriate network adapter. If the network adapter cannot be found, please reinstall the WinPCap 3.1 beta4 driver or later.

Scan report item-the name of the report file generated after the scan is completed, saved in the LOG directory. Scan reports currently support TXT, HTML and XML formats.

Other Settings item:

"Skip unresponsive hosts"-if the target host does not respond to ICMP ECHO and TCP SYN messages, X-Scan will skip the detection of that host.

"unconditional scan"-as described in the title

Skip hosts that do not detect open ports-if no open ports are found within the range of TCP ports specified by the user, subsequent detection of that host will be skipped.

"use NMAP to determine remote operating system"-X-Scan uses SNMP, NETBIOS and NMAP to comprehensively determine the type of remote operating system. If NMAP makes frequent errors, you can turn this option off.

"Show details"-this option is mainly used for debugging and is not recommended.

Plug-in Settings module:

The module contains separate settings for each plug-in, such as the port range setting of the Port scan plug-in, the username / password dictionary setting of each weak password plug-in, and so on.

X-Scan v3.3-Network Security vulnerability Scanner

Security focus: http://www.xfocus.net( Chinese site), http://www.xfocus.org( English site)

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.