Skip to content

Configuration: Wildcard Ports Detected

Identifier: wildcard_ports_detected

Scanner(s) Support

GraphQL Scanner REST Scanner WebApp Scanner ASM Scanner

Description

Hosts behind firewalls or load balancers that ack TCP on every port make port-scan results unreliable: the inventory fills up with phantom open ports that don't correspond to a real service.

How we test: During port scanning, when a single (protocol, response-size) fingerprint covers more than 20 ports on a host, we treat the cluster as wildcard noise, drop the fake ports from the inventory, and raise this informational issue so the wildcard behavior is surfaced.

Configuration

Example

Example configuration:

---
security_tests:
  wildcard_ports_detected:
    skip: false

Reference

skip

Type : boolean

Skip the test if true.