|
|
This appendix provides instructions on troubleshooting Cisco Secure Scanner.
Symptom The following the Scanner components are not showing up in the HTML browser: report, grid, chart, NSDB.
Possible Cause The Scanner does not have the correct path to the browser.
Recommended Action Check the HTML Browser tab on the Preferences tab and make sure that the path to your browser is correct.
Symptom You receive the following error message: Not enough room for axis.
Possible Cause The Scanner license is invalid or the user rules are not correct.
Recommended Action Make sure that you have a valid license file. Check the user.rules file and make sure that the syntax is correct for any rules that you have added.
Symptom The server starts, but the client will not start.
Possible Cause NetRanger is running on the same machine as the Scanner.
Recommended Action Make sure that you stop NetRanger before executing any Scanner scans or probes.
Symptom You are at your machine and cannot view the data that the Scanner obtained from a scheduled scan.
Possible Cause Your machine is not the machine on which the Scanner is installed and from which the scan was run.
Recommended Action You can only view scan and probe data from the machine on which the Scanner is installed and from which the scan or probe was run.
Symptom Suddenly you are only allowed to scan one host.
Possible Cause Your license is expired or invalid. The Scanner has reverted to the original demo license.
Recommended Action If you have an eval license, go to http://www.cisco.com/go/scanner-eval to renew it or contact your sales representative to purchase a license.
Symptom You have closed the Scanner GUI. When you reopen it, the Scanner is not working correctly.
Possible Cause You have an open Scanner browser.
Recommended Action Make sure that you close all Scanner browsers when you exit the Scanner.
Symptom After completing a probe, and trying to view the grid data in the result set of the scan, you get the following message and no results: There aren't enough axes in the data to present data within the grid.
Possible Cause Indication of a possible license issue.
Recommended Action Make sure your license file is valid. See "Invalid or Expired License" in Chapter 4 "Licensing Cisco Secure Scanner."
Can the Scanner detect when a modem is connected to a device?
The Scanner cannot detect modems connected to machines, because the modems do not have their own IP addresses. There is no reliable way for any network-based scanner to detect peripheral devices, like modems, unless those devices are directly connected to the network and have their own network addresses. The best way to detect modems is to perform wardialing on assigned phone blocks by using freeware tools like Toneloc, or consultants can be hired to perform these kinds of scans as part of a third-party security assessment. Ideally, to defend against compromise of internal networks as a result of rogue modems, you should configure telephone switches to prevent direct dial-in to individual employee's desks where unauthorized modems could be installed. In practice, this may not be reasonable to implement for a large organization that does not want all incoming calls to pass through an attendant.
How do you scan a host that does not respond to ICMP (ping) messages?
The Scanner by default requires that the host/networks you are scanning respond to an ICMP echo request (ping). If the host is not there, or does not respond, then the Scanner will not scan that device.
If you have a device that is active, but for some reason does not answer the ping request, you can force the Scanner to scan it anyway by selecting the Bypass Ping option on the Network Addresses tab in Session Configuration dialog box.
When the Scanner scans now, it will do its checks on all host/networks defined in the Network Addresses tab, regardless if they answer an ICMP echo request.
Posted: Thu Jun 29 14:09:46 PDT 2000
Copyright 1989 - 2000©Cisco Systems Inc.