To start a vulnerability scan, it is necessary to change the configuration of the target system,
gather information, and inform the people concerned.
The following is an example of the adjustments that need to be made before starting the scan.
■Remove IP address restrictions
If you have restricted access to the target site by IP address,
please set the following IP address as the accessible IP address.
Access source IP address for AeyeScan
■Impact on intrusion detection and prevention systems (IPS/IDS) and web application firewalls (WAF)
If you have IDS/IPS or WAF installed, it is possible that a large number of alerts will be generated.
If there is a device that blocks communication from the sender, the scan results may not be obtained correctly.
In this case, please set the access source IP address of AeyeScan to be out of scope.
■Lifting restrictions on banning consecutive submissions
If spam submission measures are in place, such as prohibiting the continuous submission of forms, please check the manual of the service you are using and remove any restrictions.
For example, you can find out how to lift the 'ban on consecutive submissions' on PIPED BITS' SPIRAL® at the following URL.
■Impact on the server
Although AeyeScan does not perform operations that will intentionally stop servers or services,
depending on the application design and server specifications,
it is possible that the CPU load will increase or servers or services will temporarily stop (e.g., not return responses).
The load on the server is roughly 10 requests / 1 second.
If a large amount of data is likely to be registered by the scan, it is recommended to take a backup of the system and data.
It is also strongly recommended that AeyeScan diagnostics be performed in a development or staging environment.
■Informing all relevant parties of the mass transmission of e-mails
When scanning, we repeatedly perform operations such as making inquiries and requesting information.
If you have a system that sends out e-mails when you make an inquiry, you may receive a large number of e-mails (several thousand).
We recommend that you inform the relevant departments in advance of the possibility of sending e-mails.
■Feature that does not perform a scan
If there are features that you do not want crawl or scan, please prepare the URLs for those features.
It is possible to set AeyeScan to not crawl or scan certain URLs in advance.
Examples of affect
- Features to purchase products from EC sites -> There is a possibility of purchasing a large amount of products.
- Features to delete user accounts and other data -> There is a possibility to delete registered accounts.
- Features for inquiries with email transmission -> There is a possibility that a large amount of email will be sent.
- Feature to register for seminars -> There is a possibility of a large number of registrations.
- Feature to write and register data on social media, internet forum, etc. -> There is a possibility of registering a large number of invalid characters.
- Feature to upload files -> There is a possibility that a large number of files will be created.
Register the affected URLs you have prepared in the AeyeScan Crawl/Scan target settings.
Please refer to the following FAQ for how to set the Crawl/Scan target settings.
I want to remove the admin panel from the crawl/scan target.
■CAPTCHA authentication, multi-factor authentication, and reCAPTCHA are set up.
If you have a system that refuses access from tools, please remove those functions.
For other sites that cannot be auto crawl by AeyeScan or sites that are difficult to auto crawl, please refer to the following FAQ.
■Points to note when transferring from trial to full version(Domain Activation)
If you have not subscribed to the activation skip option, you will need to set up domain activation, unlike during the trial version.
Please be prepared to place the files on the server.
Please refer to the following FAQ for how to set up domain activation.