General Information ID : INFO1694

Vulnerability FAQ

Description

 Which SSL product includes the vulnerability scan?
The service is included at no additional cost with the following products:
 

MPKI for SSL

  • Premium SSL with Extended Validation
  • Standard SSL with Extended Validation
  • Premium SSL
     

Retail SSL

  • Symantec Secure Site Pro with EV
  • Symantec Secure Site with EV
  • Symantec Secure Site Pro


Why hasn't the Symantec Vulnerability Assessment service scanned my site, or why can't it contact my server?
  • To receive the benefit of the service you must opt in, which you do from within the console where you manage the SSL certificates for the site you wish to be scanned.  Only customers with a valid SSL certificate may opt in to the service.
  • The site must be externally accessible for scanning with no access credentials required.
  • Either your hosting provider or internal organizations could be blocking the types of scans and tests that the Symantec VA service performs.  If that is the case, you need to set up exceptions for the IP addresses that the Symantec VA service provides.


Which IP addresses does Vulnerability Assessment Service scan from?
Vulnerability Assessment Service can create multiple entries in your website's logs and could cause issues with other software like intrusion detection systems.  For this reason, you might want to create filters that allow access.


Vulnerability Assessment Service uses the following IP addresses and server names:
 
  • VBLADEAF001  46.4.95.23   (scan1.ws.symantec.com)
  • VBLADEAF002  46.4.85.9  (scan2.ws.symantec.com)
  • VBLADEAF003  46.4.85.14  (scan3.ws.symantec.com)
  • VBLADEAF004  46.4.94.227  (scan4.ws.symantec.com)
  • VBLADEAF005  46.4.94.230  (scan5.ws.symantec.com)
  • VBLADEAF006  46.4.94.239  (scan6.ws.symantec.com)
  • VBLADEAF007  67.192.122.132  (scan7.ws.symantec.com)
  • VBLADEAF008  204.232.241.139  (scan8.ws.symantec.com)
  • VBLADEAF009  46.4.94.143  (scan9.ws.symantec.com)
  • VBLADEAF010  5.9.77.176 (scan10.ws.symantec.com)
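
The filtering suggested above, as an added example that is not part of the original FAQ or any Symantec tooling: it matches log sources against the ten listed addresses exactly (not a wider range), so that scan traffic can be separated from everything else. The function names and the Common/Combined Log Format layout are assumptions, and the sample lines are constructed.

```python
import ipaddress
import re
from collections import Counter

# Scanner addresses in the order published in the list above (scan1 .. scan10).
SCANNERS = {
    ipaddress.ip_address(ip): f"scan{n}.ws.symantec.com"
    for n, ip in enumerate([
        "46.4.95.23", "46.4.85.9", "46.4.85.14", "46.4.94.227", "46.4.94.230",
        "46.4.94.239", "67.192.122.132", "204.232.241.139", "46.4.94.143",
        "5.9.77.176"], start=1)
}

# Assumption: Common/Combined Log Format, client address in the first field.
LOG_LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "([^"]*)" (\d{3}) ')

def scanner_name(addr):
    """Return the scanner host name for addr, or None if it is not listed."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return None
    # Dual-stack listeners log IPv4 clients as ::ffff:a.b.c.d; unwrap first.
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    return SCANNERS.get(ip)

def split_log(lines):
    """Return (requests per scanner, lines from other sources, unparsable lines)."""
    counts, other, bad = Counter(), [], []
    for line in lines:
        m = LOG_LINE.match(line)
        if m is None:
            bad.append(line)          # never silently drop what cannot be parsed
            continue
        name = scanner_name(m.group(1))
        if name:
            counts[name] += 1
        else:
            other.append(line)        # neighbouring addresses are NOT exempt
    return counts, other, bad

# Constructed sample log lines (not real traffic).
SAMPLE = [
    '46.4.95.23 - - [10/Mar/2014:02:11:05 +0000] "GET /index.php?id=1 HTTP/1.1" 200 512',
    '::ffff:46.4.85.9 - - [10/Mar/2014:02:11:06 +0000] "GET /admin/ HTTP/1.1" 404 210',
    '46.4.95.24 - - [10/Mar/2014:02:11:07 +0000] "GET /index.php?id=2 HTTP/1.1" 200 512',
    '198.51.100.7 - - [10/Mar/2014:02:12:00 +0000] "GET / HTTP/1.1" 200 1024',
    'truncated line with no client address',
]
```

Lines returned in the second and third lists should stay subject to normal intrusion-detection rules; only exact matches on the published addresses are treated as scanner traffic.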
 
What’s the difference between vulnerability assessment and malware scanning?
Vulnerability assessment scans for and reports on entry points for security breaches. Malware scanning finds harmful software already on your site and network. If you have malware on your site, it probably means that an entry point already has been breached. When you repair the vulnerabilities on your site, you help deter potential breaches, including malware.
 
Now that I have vulnerability assessment, do I really need malware scanning?
Yes. Vulnerability assessment doesn’t detect malware; it only shows you entry points that could be exploited to inject malware. When used together, malware scanning and vulnerability assessment provide complementary functions to help keep your site safe.
 
How will vulnerability assessment affect my website and network? What are the risks?
All vulnerability scanning services enter your website to find vulnerabilities. This inherently carries some risk. We have made every effort to minimize the risks associated with our vulnerability assessment.
 
The scan may cause slight performance delays (for example, page loading time). It also may trigger intrusion detection or other systems during scanning. The risk to a particular site or network varies from system to system. There is no system risk between scans.
 
I already have vulnerability scanning. Why would I need another one?
You can use our vulnerability assessment to cross-check the results of any other scan for an added security layer.
 
What ports does vulnerability assessment scan?
We scan all commonly used ports, more than 1000 in total. Any ports we found with vulnerabilities are listed in the appendix section of your report.
 
What types of vulnerabilities does the scan detect?
We scan for the most common types of vulnerabilities, which include outdated or unpatched software, cross-site scripting (XSS), SQL injection, and “backdoors.” As hacking technology changes, we update the scan accordingly to detect those vulnerabilities.
 
What type of files or scripts does vulnerability assessment detect?
We scan any active content on the website that accepts user input, without regard to the type of file or script. We also check for software with known vulnerabilities, such as outdated versions of the osCommerce package or WordPress.
 
 
What are the limits of the scan?
  • We do not scan password-protected areas of the site, internal-facing pages, or any areas not publicly accessible.
  • The scan will not detect every vulnerability.
  • You cannot customize any parameters of the scan.
 
 