AVDS IS and LSS Quick Start Guide

Quick Start Guide

For

AVDS Information Server and Local Scanning Server

**** Refer to PDF at the bottom of the page for Visual Guide.

 

Installation and Configuration

 

Two servers have been shipped to you; an Information Server (IS) and a Local Scanning Server (LSS). They have been pre-configured but will require local network connectivity and one setting change.

The IS server has the “Beyond Security” Logo on its cover.

Connect servers to a VGA monitor, PS/2 or USB Keyboard and to the network.

Boot both machines. The boot sequence will conclude with the prompt: AVDS>

[Type help to see a list of the CONSOLE COMMANDS.]

 

On Each Server:

  • To set IP, enter:

AVDS> network
AVDS (network)> interface eth0
[note: eth0 is the left port marked Gb1. To configure the right port (Gb2) please enter 'interface eth1' ]

For DHCP, enter:

            AVDS (network interface eth0)> dhcp on

                        OR for Static IP enter IP address:

AVDS (network interface eth0)> ip XXX.XXX.XXX.XXX

 

  • Set the gateway address enter:
    AVDS (network interface eth0)> exit
    Then enter:

AVDS (network)> gateway XXX.XXX.XXX.XXX

  • Name Server default is 8.8.8.8. To change this, enter:

AVDS (network)> ns XXX.XXX.XXX.XXX

 

  • IMPORTANT: Save the settings, enter:

AVDS (network)> save

 

To view the network settings type:
AVDS (network)> show

 

  • Set time zone, date and time, enter:

AVDS (network)> exit

Type timezone and press 'tab' to display list:

AVDS > timezone

Select appropriate time zone from list and enter.

To view date and time, enter:

AVDS > date

To change date or time, enter

AVDS > date MMDDhhmmYYYY

[Example: For the 19th of December 2013 at 6:54 PM (18:54):

 AVDS > date 121918542013 ]

 

  • IMPORTANT: Save the date and time settings, enter:

AVDS > save

 

To test the network connectivity via ping, type:
AVDS (network)> ping XXX.XXX.XXX.XXX
Where XXX.XXX.XXX.XXX is the address of the other AVDS server.

 

To complete the setup:

 

On the LSS: Set Password and Install IS IP

  1. Open a browser and login at: https://<ip-of-LSS-machine>.
  2. Default LSS username is 'admin' and password is 'demo'.

Please set new password now

  1. Click on 'Distributed Scanning' in menu on left and scroll down to bottom of page. Find: 'Node Settings' and field: 'IP or hostname'.

Please enter the IP or host name of the IS server.

  1. Click on Modify.

 

On the IS: Set Password

  1. Open a browser and Login at: https://<ip-of-IS-machine> .
  2. Default IS username is 'superadmin' and password is 'testing'.

Please set new password now.

  1. Optional: Click on Tab 'Admin', then on Tab LSS. Find 'LSS List' and click on 'LSS Name' of your LSS. This opens 'LSS Details' in same page.
  2. Optional: Click 'Modify' to edit LSS Name. Recommended Name = location
  3. Confirm IS and LSS connection by verifying a recent date in 'Heartbeat' column.

 

All AVDS functions are controlled on the IS.

Do not attempt to control scanning functions on the LSS.

 

Creating and Managing Network Scans

 

There are two ways to add a new scan to AVDS. On the home page there is a dashlet tool called 'Quick Add' which we recommend for your first scans. Use the 'Standard Scan Setup' instructions, below, for access to all scan features.

 

Quick Add

 

To quickly start a new scan, use the dashlet tool called 'Quick Add' that is available on the AVDS dashboard Home page (the screen you see when you first login).

 
   

 

 

First enter a Name for the scan, then enter Range; a list of hosts separated by commas and/or a range of IP's marked by a dash. For example:

 

www.beyondsecurity.com,www.securiteam.com

and/or

192.168.1.1-100

 

The Organization field will display a default now and later, if you create more 'Organizations', they will also display here (see more info below on creating Organizations). The LSS field will display a default server. If more scanners are added to your system you will be able to select them here.

 

Optional: check the 'Create Web Scan' check box to include a web application scan if scanning just a single host.

 

The Contact field will also display the current default name. Later, if other people are added to the system their names will display.

 

Finally, click Create - and you will be taken to the Network Scan configuration page.

 

There, scroll down and select a schedule and/or click on 'immediate scan' to put the scan into the queue.

 

That's all there is to it. The scan is now configured and can be customized to your needs in Admin -> Scan Settings.

 

 

Standard Scan Setup

 

In AVDS, each scan is assigned to an "Organization". The term Organization is used to describe a logical group of users, scans, reports and an LSS. This might relate to a location, an area of responsibility or some other segmentation of your company network. Using Organizations to divide a company network into segments is optional and in small, flat networks where all scanning is managed by a single person or group it may not be required.

 

In the example below an imaginary company, 'ACME', has two major divisions each with its own network administrators. In this example we will create 2 Organizations, “DMZ East” and “DMZ West”, so that each group of administrators can access, control and manage their own scans.

Creating a New Organization (Optional)

 

If you do not create an Organization, all scans will be assigned to the default, which is okay if one person intends to manage all scanning of the entire company. You can create new Organizations at any time and re-assign existing scans to them.

 

To create a new Organization:

  • Go to Admin → Organizations
  • Click on “new”
  • Enter the following mandatory fields:
    • Organization name
    • Contact (reports will be sent to the email address of this contact)
    • Accept defaults for other fields.
  • Click “Apply” for the settings to take effect

 

 

Creating a New Scan

 

Creating scans allows you to program the system to periodically scan a range of IP's or a select list of hostnames automatically. Results will be sent via email to the contact and shown under the Vulnerabilities tab.

 

To create a new scan:

  • Go to Admin → Scan Settings
  • Click on “New” button (below Scan List)
  • Enter the following mandatory fields:
    • Scan name: Any string that is descriptive, such as location, IP range, etc.
    • LSS: If there is just one LSS, it will be default selected.
    • Parent Organization: Any Organizations you have created will display here for selection. If none have been created, then the default Organization will be displayed  
    • Hostname / IP Address Range: the list of IP's to scan.

Some examples:
192.168.1.1-254 = all IP's between 192.168.1.1 and 192.168.1.254
10.1.1.5,10.1.1.15,10.1.1.25 = the three IP addresses specified
www.example.com, mail.example.com, ns.example.com
and combinations of the above

  • Contact person: This person will receive an email with a report once the scan is finished. New people (or groups of people) can be added later and this scan can be modified to include them.
  • Click “apply” for the settings to take effect

 

The system will now find the LSS named in the scan just created. You will see the message:

 

  • Wait a few seconds, and click on the “refresh” button just above this message. If the message disappears, the scanner has acknowledged the scan and a new panel will appear at the bottom of the page to allow you to schedule the scan:

 

 

 

 

 

 

 

 

The default scan frequency is 'daily'. Modify the date scans will start (reference date) the frequency ('routine') or time of day, if you wish and click “modify schedule”.

  • Once the schedule is ok, click on Enable Scan to have the scan scheduled.

 

Note: Once the scan is enabled you will have the option to click Immediate Scan to have the scan start immediately regardless of the schedule or scan window.

 

Viewing the Scan Status

 

Once a scan has been configured, you can see it by going to:

Admin → Scan Settings

and select the scan from the list to view configuration and status.

 

Creating a New Web Scan

 

The AVDS System delivers web application scanning including crawling the web site to discover dynamic pages and using authentication to log into password protected areas. The results of the web scan will be integrated into the results of the network scan for that host for a single report.

 

To configure a new web scan:

  • Go to Admin → Web Scan Settings
  • Click on “New” button (below the Web Scan List)
  • Fill in the following mandatory fields:
    • Name: Any string that is descriptive, such as company division, site name, etc.
    • Scan: this is the network where the network scan for that host is done. Results of the web scan will be integrated with the network scan
    • Hostname: (host to be tested, like: www.acme.com)
    • URL Testing Limit: Default is 15
    • Check boxes: all unchecked
    • Contact Person: This person will receive an email with a report once the scan is finished. New users (or groups of users) can be added later and this scan modified to select them.
  • Click “Apply” for the new web scan to be created
  • You will now be presented with additional options:
    • Configure the schedule and click “Enable Scan” to activate the scan
    • Decide whether you want the scanner to crawl the entire web site, or add specific pages to be analyzed for security vulnerabilities
    • Optional: Configure web site log in authentication (form based or NTML based)

Viewing the Web Scan Status

 

Once a web scan has been configured, you can see it by going to:

Admin → Web Scan Settings

and selecting the web scan from the list.

 

Further Assistance

 

Should you have any questions or require further assistance, please contact Customer Support:

          Support@BeyondSecurity.com

          US: +1.888.512.6909

          UK: +44.203.006.3022

 

Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.
Powered by Zendesk