Security scans - monitor locations, web servers, etc

KelAuth

The security scans feature was removed in March 2024 after unanimously deciding that this was not an Internet friendly feature.

We have introduced a new feature called Host monitoring, which can monitor your online services/resources one way or two ways if you add an agent on your host.

When reports are in Extended, the Security scan option becomes available.

Security scans can be used to monitor online devices and/or remote locations. So long as you have an agent installed at the location or on the server that you would like to monitor, you could use the Security scan feature to ensure that services are always up or that unwanted ports have become open.

Things to take note of.

The point behind the scan is to alert if a port that should not be opened suddenly becomes available.

A notification will be sent if enabled.

The scanned range is between 1 and 1024 only. If higher ports are set, they will be ignored.

Enter the allowed ports separating multiples using a comma. Example, 80, 443 and so on. Again, allowed range is 1-1024.

When the agent becomes disconnected, abandoned or removed, this feature is automatically disabled.

Security scans have a dual purpose.

Unauthorized ports

One, it can be used to be alerted of unauthorized ports suddenly becoming open on a firewall or a device. Perhaps you were working on something and overlooked a port that needed to be shut down once the job was done. Maybe you were testing something and of course, maybe someone is actively hacking a device you manage.

Note that if ports are found but are 'closed' status, it means that no service is running on that port and therefore an alert is not sent.

Unreachable device

Second, it can also be used to be alerted to something being down or unreachable.

For example, if you run one or more web servers, you can monitor the server/s and the services themselves. Monitor web ports such as 80, 443 and something else at 650 for example. If port 650 goes down, an alert would be sent out so that someone could look into it.

Imagine a patient or an elderly person at home, that depends on Internet connectivity for phone service and/or medical equipment. Someone could be alerted if the location is no longer able to communicate.

This can be used for any number of things including making sure security systems are able to reach out and so on.

Enabling a security scan means a task will be created by OutagesIO that will periodically check for unauthorized open ports at the location where this agent is installed. If an unauthorized port suddenly becomes available, a notification will be sent to the contact information (if) set in the notifications.

Members can set how often the test should be run from the pick list while Enterprise members can enter an open number.

Examples

Home/office: The agent is running at a home or office will alert the owner immediately if an authorized port suddenly shows up.

Business: The agent is installed at someone's office. The owner or IT person will immediately know if an unauthorized port suddenly shows up.

Web server: A Windows or Linux web server is set to allow ports 80/443 only for example. If any other ports open, someone can be alerted about this.

Just a few examples of why this could be an important feature.

When an agent stops communicating, this service will be disabled either temporarily or permanently.

When the agent becomes abandoned, removed or drops back to Community, this feature is automatically disabled.

Please be sure to set who and how notifications should be handled. Notifications can be sent to anyone that should know such as home owner, IT person, etc.