Page tree

Using the HD census of active IP devices, Lumeta conducts a benign port scan that opens and gracefully closes the TCP service ports tested. Lumeta avoids performing any application-level transactions because they can have unpredictable and undesirable effects on some systems.

Lumeta records port open/closed status by sending the following packets for each targeted port and IP.
  • TCP Syn
  • TCP Syn/Ack Responses will result in TCP RST

Port List

The following is the default list of TCP ports used for Port Discovery in Lumeta:
 

Vulnerable Ports
0,21-23,25,79,80,110,113,119,135,137,139,143,389,443,445,1002,1024-1050,1720,5000,8080
 
Infection Ports
21,23,25,80,113,137,139,555,666,1001,1025,1026,1028,1243,2000,5000,6667,6670,6711,6776,6969,7000,8080,12345,12346,21554,22222,27374,29559,31337,31338
 
If you do not select the Infectious and/or Vulnerable checkboxes in Port Discovery, you may still see the Lumeta Network Index (LNI) chart showing a count greater than 0 associated with the Infectious and Vulnerable Ports columns. 
 
Why? When you enter a port number in the following fields that is also on Lumeta's Vulnerable or Infectious Port list, Lumeta characterizes it as Vulnerable or Infectious, in appropriate reports. 
  • Path Discovery > Custom TCP Ports
  • Host Discovery >Custom TCP Ports
  • Ports Discovery > Custom TCP Ports
  • Profile Discovery > HTTP Ports
  • Profile Discovery > HTTPS Port

Configuring Port Discovery

This procedure assumes that you have already created an Organization, Zone, and one or more Collectors. It also assumes that you've populated your Zone Network and Discovery Space lists. If you haven't completed these preliminaries or need more information on them, refer to . . .

  1. Creating & Managing Organizations - Creating a container for all of your organization's zones
  2. Adding & Managing Zones - Defining an area of the network to discover and index.
    1. Set Zone Networks & About Lists  - Using the Known, Eligible, and Internal list buttons to identify the IPs and CIDRs composing your defined zone.
  3. Adding & Managing Collectors - Adding the
    1. Scope: Discovery Spaces - Telling your collector where in the network to do its job
    2. Adding & Managing Lists (Zone Networks & Discovery Spaces)

To configure Device Profiling . . .

  1. In the Lumeta Command Center GUI, browse to Settings > Zones.
  2. Select the zone and collector in which you want to configure Device Profiling Discovery. 

Populate the Custom TCP Port List with the following: 

  • Flat ASCII format, one entry per line
  • Each entry is a port number and descriptor, separated by a space
  • No labels