December 11, 2018, 03:57:08 AM

Author Topic: Option to scan for SSH and telnet  (Read 64 times)

Davidh

  • Member
  • *
  • Posts: 9
Option to scan for SSH and telnet
« on: November 21, 2018, 09:59:58 PM »
Lately I had to do a lot of quick scans for network equipment remotely (to make sure there were no switches creating loops and so on)
In one location I realized that with a lot of Cisco phones it was tough to tell apart a phone and a switch.
If we had the option to turn on for scan on ssh and telnet access (it already scans for http and https) it would help identified the devices.

It shouldn't be an option always on because it might increase scan time, but it could be something to add as an option to the scan
« Last Edit: November 23, 2018, 12:47:10 PM by Komodo Support »

Komodo Support

  • Administrator
  • Member
  • *****
  • Posts: 810
  • Dayton, Ohio, USA
    • Komodo Laboratories LLC
Re: Option to scan for SSH and telnet
« Reply #1 on: November 26, 2018, 08:07:36 PM »
Thanks David!  We actually scan telnet and SSH now, but only internally to determine device type.  However, as you've found, that's a bit lacking right now in v1.1 because it's mainly hardcoded.  We plan to tackle real device identification in the next major version.

We may be able to provide something useful before then.  Are you simply wanting to know if Slitheris found that Telnet or SSH exists on the device or something more detailed?

Davidh

  • Member
  • *
  • Posts: 9
Re: Option to scan for SSH and telnet
« Reply #2 on: November 28, 2018, 11:51:25 PM »
At the moment I was thinking that just noting if there was ssh or telnet access would be good, as it would allow me to distinguish between a Cisco VoIP and a switch for the most part, but then I found out that SG (Cisco small business) switches have only http enabled and ssh and telnet is disabled  ???

Komodo Support

  • Administrator
  • Member
  • *****
  • Posts: 810
  • Dayton, Ohio, USA
    • Komodo Laboratories LLC
Re: Option to scan for SSH and telnet
« Reply #3 on: November 29, 2018, 11:19:43 PM »
Understood.  We plan to finally work to add the long-awaited "large IP range" support in December, so we'll see what we can do about showing if SSH or Telnet was detected, in the same upgrade.  The current device scan routine should always probe for SSH and Telnet on devices that aren't easy for Slitheris to determine device type, so there shouldn't need to be an option for it.  Thankfully, we shouldn't need 'beta testing' for such a feature.  But if we do, we have your contact information