Class Scan
The Scan class provides methods for defining and storing vulnerabilities detected on enterprise assets. It depends on several other classes, including the Asset class, the Scanner class, and the Vuln class. In general, a vulnerability scanner will perform a scan of an enterprise asset checking all ports on that asset for known vulnerabilities. The entire result set of that scan will be placed in a file or table which is then processed by a Collector. The process followed is usually to construct a Scanner object which describes the vulnerability scanner, then a Scan object which describes the scan that took place and an Asset object that describes the asset that was scanned. Then, a Vuln object is created for each detected vulnerability, attached to the Scan, and stored in the database. It is also possible for the vulnerability scanner to perform a 'partial' scan which means that only specific ports are scanned. In this case, the scan data will not replace the entire set of vulnerability information known for an assset, but only for those ports which were scanned. The class accepts a pre-defined set of vulnerability attributes:
- Type {String} : Type of scan performed, either 'PARTIAL' or 'FULL'
- Start {Date} : The time the scan started, in local time
- End {Date} : The time the scan finished, in local time
- Scanner {Scanner} : The Scanner used to perform the scan
- Asset {Asset} : The Asset that was scanned
- Vulns {Vulns[]} : The set of vulnerabilities that were found on the Asset
Defined in: vuln.js.
Constructor Attributes | Constructor Name and Description |
---|---|
Scan(properties)
Constructs an instance of the Scan class which represents a single vulnerability scan of a single asset.
|
Field Attributes | Field Name and Description |
---|---|
The set of vulnerabilities that were found on the Asset.
|
Method Attributes | Method Name and Description |
---|---|
attachAsset(asset)
This method attaches an Asset object to the current scan.
|
|
attachScanner(scanner)
This method attaches a Scanner object to the Scan.
|
|
attachVuln(vuln)
This method attaches a newly-detected vulnerability to an Asset through the associated Scan.
|
|
save()
This method saves the Scan object in the Sentinel database.
|
Author: Novell Engineering.
// In initialize() method: instance.CONFIG.scanner = new Scanner({}); // In preParse() method: instance.CONFIG.currentScan = new Scan({"Type":"FULL","Start":new Date(),"Scanner":instance.CONFIG.scanner}); // In parse() method: // parse input and determine asset and vulnerabilities instance.CONFIG.currentScan.attachAsset(this.asset1); instance.CONFIG.currentScan.attachVuln(this.vuln1); // in postParse() method: if (instance.CONFIG.readyToSend) { // readyToSend is not a template var; you would have to create and maintain it instance.CONFIG.currentScan.save(); }
- Parameters:
- {Object} properties
- Set of pre-defined properties used to initialize this object
var myAsset = new Asset({"IPv4":rec.IPaddr}); var thisScan = new Scan({"Start":new Date()}); thisScan.attachAsset(myAsset); // See Scan class for a full example
- Parameters:
- {Asset} asset
- The Asset object representing the system that was scanned
- Returns:
- {Boolean} Result
var myscanner = new Scanner({"Tenable":"Nessus","Product":"Nessus"}); var thisScan = new Scan({"Start":new Date()}); thisScan.attachScanner(myscanner); // See Scan class for a full example
- Parameters:
- {Scanner} scanner
- The Scanner object to associated with this scan
- Returns:
- {Boolean} result
var myVuln = new Vuln({"VulnID":rec.vulnid,"Port":rec.tgtport,"HostOS":"Windows"}); var thisScan = new Scan({"Start":new Date()}); thisScan.attachVuln(myVuln); // See Scan class for a full example
- Parameters:
- {Vuln} vuln
- The Vulnerability object representing a specific detected vulnerability on the target asset
- Returns:
- {Boolean} Result
var thisScan = new Scan({"Start":new Date(),"Scanner":instance.CONFIG.scanner,"Asset":currentAsset}); thisScan.save(); // See Scan class for a full example
- Returns:
- {Boolean} Result