Advanced Report Filters
Purpose
This document describes the advanced report filtering in the Discovery Scan Settings.
Introduction
In the Discovery Scan Settings UI, you can deselect a specific protocol that you do not want to trigger on. However, this only stops from explicitly sending requests with those protocols, it does not prevent it from triggering on related traffic. This may lead to seeing targets trigger on protocol that are deselected in the UI.
With the advanced report filtering option, you can perform a discovery scan but ignore traffic matching the filter by adding Berkeley Packet Filter (BPF) expressions.
BPF Expression Syntax
Refer to the following link for syntax:
Use Cases
Sometimes, even if you do not of send an Address Resolution Protocol (ARP) message, you may still get an ARP response which marks the target as alive. By setting a filter to remove the ARP messages, the scanner will not report on ARP responses.
Additional Resources
Copyright
© 2024 Outpost24® All rights reserved. This document may only be redistributed unedited and unaltered. This document may be cited and referenced only if clearly crediting Outpost24® and this document as the source. Any other reproduction and redistribution in print or electronically is strictly prohibited without explicit permission.
Trademark
Outpost24® and OUTSCAN™ are trademarks of Outpost24® and its affiliated companies. All other brand names, product names or trademarks belong to their respective owners.