1
Slitheris Network Discovery - Support & General Discussion / Re: Slitheris to parallel VLAN
« Last post by Komodo Support on September 20, 2024, 04:40:28 AM »Hi again, so sorry for the delay.
Yes Slitheris scans for far more ports than TCP 445, 139, 135, 443, 22 and 23, depending on the devices being scanned. And then there are UDP ports such at 161 for SNMP it may also check for.
Are these Windows Firewall rules you're having to change? Are you wondering if we can automate enabling and disabling firewall rules during scans?
Yes Slitheris scans for far more ports than TCP 445, 139, 135, 443, 22 and 23, depending on the devices being scanned. And then there are UDP ports such at 161 for SNMP it may also check for.
Are these Windows Firewall rules you're having to change? Are you wondering if we can automate enabling and disabling firewall rules during scans?
2
Slitheris Network Discovery - Support & General Discussion / Re: Slitheris to parallel VLAN
« Last post by Davidh on August 19, 2024, 01:11:01 PM »Yes, Slitheris does add the rule.
However, what I am trying to do is different.
We, like in many companies use network segmentation. To achieve this, I have a few VLAN, and ZTNA tags.
So, let's say my computer is on VLAN1 with IP 192.168.1.100. Not only I want to scan 192.168.1.0/24 but I would also scan the server network with 192.168.2.0/24
To connect these VLANs I need to make a firewall rule, but I only want to allow the ports necessary.
I do know Slitheris uses port 445, 139, 135, most likely also it scans 443, 22 and 23. But I wanted to see if there is a comprehensive list to make the scan as accurate as possible.
Watching TCP Connections from Resource Monitor I can see a lot more ports.
At the moment, I have a rule allowing all the ports, that I have to manually enable and disable when I scan. I just would like to have it a bit more tight in case I forget to disable the rule
However, what I am trying to do is different.
We, like in many companies use network segmentation. To achieve this, I have a few VLAN, and ZTNA tags.
So, let's say my computer is on VLAN1 with IP 192.168.1.100. Not only I want to scan 192.168.1.0/24 but I would also scan the server network with 192.168.2.0/24
To connect these VLANs I need to make a firewall rule, but I only want to allow the ports necessary.
I do know Slitheris uses port 445, 139, 135, most likely also it scans 443, 22 and 23. But I wanted to see if there is a comprehensive list to make the scan as accurate as possible.
Watching TCP Connections from Resource Monitor I can see a lot more ports.
At the moment, I have a rule allowing all the ports, that I have to manually enable and disable when I scan. I just would like to have it a bit more tight in case I forget to disable the rule
3
Slitheris Network Discovery - Support & General Discussion / Re: Slitheris to parallel VLAN
« Last post by Komodo Support on August 16, 2024, 04:43:11 AM »Hi David. Thank you very much for the compliments!
We're so sorry for the delay! Our forums are out-of-date. We're working to replace it ASAP and open it up to everyone.
We understand your security concerns. Security is getting tighter.
Our installer should change Windows Firewall rules to explicitly allow/whitelist our EXE. Have you checked if our EXE is in the exception list?
Thank you for being a long-term fan! No comment on CloudStrike.
We're so sorry for the delay! Our forums are out-of-date. We're working to replace it ASAP and open it up to everyone.
We understand your security concerns. Security is getting tighter.
Our installer should change Windows Firewall rules to explicitly allow/whitelist our EXE. Have you checked if our EXE is in the exception list?
Thank you for being a long-term fan! No comment on CloudStrike.
4
Slitheris Network Discovery - Support & General Discussion / Slitheris to parallel VLAN
« Last post by Davidh on August 02, 2024, 02:01:47 PM »First, Slitheris is a great tool. I have been able to get a lot of companies to buy it after they see me using it.
However on one of my latest projects, I was wondering about something. What firewall exeptions would I have to set to allow Slitheris to scan different VLAN?
I use Slitheris a lot to scan the network, but that means I have to connect my laptop to multiple VLAN and keep switching the port.
Instead of doing this from the switch closet I would like to do it from a station, and enable a firewall rule that allows the scanning from that station (firewall rule on the gateway connecting the VLAN, not on the computers).
These types of network are getting more common for me, as I have been doing lots of deployments with air gap, and ZTNA.
Interesting enough, the more complicated the network becomes, the more Slitheris shines.
So I was planning to have a firewall rule that I can enable while running the scan, but I wanted to keep it as tight as possible, mainly as some of the networks are following CMMC compliance (NIST 800-171/172).
On a separate note, it is funny (as technical funny) to watch CrowdStrike freak out while Slitheris is running scans
However on one of my latest projects, I was wondering about something. What firewall exeptions would I have to set to allow Slitheris to scan different VLAN?
I use Slitheris a lot to scan the network, but that means I have to connect my laptop to multiple VLAN and keep switching the port.
Instead of doing this from the switch closet I would like to do it from a station, and enable a firewall rule that allows the scanning from that station (firewall rule on the gateway connecting the VLAN, not on the computers).
These types of network are getting more common for me, as I have been doing lots of deployments with air gap, and ZTNA.
Interesting enough, the more complicated the network becomes, the more Slitheris shines.
So I was planning to have a firewall rule that I can enable while running the scan, but I wanted to keep it as tight as possible, mainly as some of the networks are following CMMC compliance (NIST 800-171/172).
On a separate note, it is funny (as technical funny) to watch CrowdStrike freak out while Slitheris is running scans
5
Apologies for mass approval emails (May 10th, 2023) / Accidental Mass Approvals
« Last post by Komodo Support on May 10, 2023, 10:15:28 AM »Recently we've been working to bring our community forums back and accidentally mass-approved many signups all-at-once, which sent emails to all everyone who registered. This may include some spammers we'll deal with as-needed.
We're very sorry about this and we'll do everything we can to not let it happen again.
Thank you for using our software... please feel free to post or ask any questions.
We're very sorry about this and we'll do everything we can to not let it happen again.
Thank you for using our software... please feel free to post or ask any questions.
6
NEWT Pro Network Inventory - Bug Reports / Re: Crash and burn
« Last post by nkrowe on May 25, 2022, 08:11:17 PM »Good News! It's working now. This morning I decided to start off with a "restart" and my computer went into a CHKDSK mode for like 45 minutes. I just redownloaded NEWT and it is scanning now. Thanks.
(I can delete this thread if you don't want the false-alarm report)
(I can delete this thread if you don't want the false-alarm report)
7
NEWT Pro Network Inventory - Bug Reports / Re: Crash and burn
« Last post by Komodo Support on May 24, 2022, 05:55:44 PM »Thank you for the report. We haven't yet heard of an issue like this.
Could you try re-installing the app using the latest installer EXE on our website and let us know happens?
Could you try re-installing the app using the latest installer EXE on our website and let us know happens?
8
NEWT Pro Network Inventory - Bug Reports / Crash and burn
« Last post by nkrowe on May 24, 2022, 05:27:51 PM »Faulting application name: NEWTPro.exe, version: 2.5.0.364, time stamp: 0x611ba4a8
Faulting module name: iGrid300_10Tec.ocx, version: 3.0.0.220, time stamp: 0x496322eb
Exception code: 0xc0000005
Fault offset: 0x00084504
Faulting process id: 0x10a44
Faulting application start time: 0x01d86f96755cd51d
Faulting application path: C:\Programs (x86)\Komodo Labs\NEWT Professional 2.5\NEWTPro.exe
Faulting module path: C:\WINDOWS\System32\iGrid300_10Tec.ocx
Report Id: 01f98e70-4f3e-4fed-8378-d32370730b2d
Faulting package full name:
Faulting package-relative application ID:
Windows 10 Enterprise 10.0.19044 Build 19044
C:\WINDOWS\System32\iGrid300_10Tec.ocx file does not exist?
Faulting module name: iGrid300_10Tec.ocx, version: 3.0.0.220, time stamp: 0x496322eb
Exception code: 0xc0000005
Fault offset: 0x00084504
Faulting process id: 0x10a44
Faulting application start time: 0x01d86f96755cd51d
Faulting application path: C:\Programs (x86)\Komodo Labs\NEWT Professional 2.5\NEWTPro.exe
Faulting module path: C:\WINDOWS\System32\iGrid300_10Tec.ocx
Report Id: 01f98e70-4f3e-4fed-8378-d32370730b2d
Faulting package full name:
Faulting package-relative application ID:
Windows 10 Enterprise 10.0.19044 Build 19044
C:\WINDOWS\System32\iGrid300_10Tec.ocx file does not exist?
9
Slitheris Network Discovery - Feature Requests / Re: Export Scan Results
« Last post by Komodo Support on January 26, 2022, 07:46:05 PM »Hi there. Sorry for the confusition. You should be able to export scan results as a CSV file from the File menu, which is importable to Excel and most other spreadsheets. If you don't see it, please let us know.
We're working on better options for scan results storage and exporting in the future.
Thank you!
We're working on better options for scan results storage and exporting in the future.
Thank you!
10
Slitheris Network Discovery - Feature Requests / Export Scan Results
« Last post by MLangdon61 on January 26, 2022, 05:39:00 PM »I am testing out Slitheris to use at my company. One feature I cannot seem to find is the ability to export the scan results. Any plans on adding this feature? I cannot justify purchasing this product without this feature.