Comodo Web Inspector - Admin Guide
Contents
1. te Welcome to the Comodo Support home page From here you ll be able to find support information on all of Comodo s products by searching through our Knowledgebase and using our Troubleshooters Email af you are not able to find answers to your questions please check the active Forum community Ar Password If you would like to submit a ticket please do so using our online ticket submission system below Remember Register eS Submit a Ticket Me Register a new account to submit Submit a new ticket new or view existing tickets Knowledgebase Troubleshooter Search support articles and find i Take a step by step tour to find the answers to frequently asked A solution to all your issues Entire Si questions ia News Downloads Thu 19 View latest company news and aay View our categorized library of For the third announcements at i downloads for all necessary manuals Matoysec s F software etc Challenge hey gl https support comada comindex php m core amp a register i 4 Internet If you do not find a solution in our Knowledge base or Troubleshooter you can submit a support ticket after registering an account Registration is free 2 4 4 Contacts Clicking the Contacts tab takes you to the Contact Us page Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 49 Creating2. e URL Detail Provides a short description of the result If the page is found unsafe clicking on the description will open a pop up with the report details Lx Report common details This is a high risk page htto Awww tunapeyzaj comana sayta peyzaj 2 Result for 2013 04 01 13 30 44 UTC Malicious URL behaviour was detected E High Suspicious Code Found by Antivirus Engine e URL Report Enables you to print the report on the page by clicking the Print report link LRI Result WAL Detaiig C htoswerctunaperzaicorvana savfarpere High Risk Malicious activity detected Printraport Mark As FP eee ae Safe No malicious code filas or actrity detected hiim Wanna bunapewzal ecoruiinma mraili High Risk GD io l commerak etikier High Risk Malicious activity detected Printragort Mark As FP CD htouunaneveai com High Risk Malicious activity detected Printraport Mark As FF OD aN mi Safe No maliciows toda files or actiity detected o himin unen erraj toririerak etibder High Risk Malicious sriitiy LE tite awawwtinspevna convierah etki e False Positive Enables you to mark the page as False Positive See the section False Positives for more details URL Result WRAL Details Hite har buna Za LCOMVana Sartaipey High Risk atlit detected Printraport Mark As FP hiipi tunapeyza commerak ettikler Safe No malicious code files or ates he eae eee o ma Risk E
3. Click on the links below for more details on the options e Disable enable a website from WI scans e Change email address to which the WI reports and notifications will be sent e View and manage WI reports for a website e View and manage false positive pages e Scanning configuration options e Adding TrustLogo to your website 2 3 9 1 Disabling Enabling a Website If you do not want the Web Inspector to perform daily blacklist monitoring and malware scanning for a website you can disable it in the General Website Configuration You can also enable a website that has been disabled To a disable a website e Click the Manage link at the right side in the row of the website that you want to disable The General Website Configuration of the selected website will be displayed 9 Return to List of Websites Management of the website http buggerme com General Website Contiguratian B Q Digable Website Change Ennail Preports False Posilves Scanning Options TR StLopo Staius e Click the Disable Website link Are You Sure e To confirm click OK The website will be disabled and the interface will allow you to enable it again The WI reports for the website will available even if it is disabled The List of Websites interface will also display the website has been disabled Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 21 Creating Trust Online
4. e How dol upgrade from a trial account to the full version e After upgrading will have to re enter my IP Domain information e am an existing Comodo account holder e g SSL can use my existing Username and Password during purchase e Explain the password username system to me e Can scan private internal IP addresses e Scan Compliancy How many concurrent scans can run e How many ports does each service test e have changed my password and now cannot login to the Web Inspector website why e Scan Compliancy Does Web Inspector PCI use the latest CVSS v2 Do need to allow the Web Inspector PCI scanning IP address In order for the Web Inspector PCI scan to be successful your firewall must be set to allow the IP address the scan is coming from The IP ranges that Web Inspector PCI scans originate from are 208 116 56 32 28 and 91 209 196 32 28 signed up and got the following message No vulnerabilities were found and the host did not respond to any of our checks what does this mean This can mean one of two things Either 1 The host is currently unreachable It could be that the host is unreachable because of a problem with your server Quite often however it is because your firewall is denying access to the Web Inspector PCI scanner In order for the Web Inspector PCI scan to be successful your firewall must be set to allow the IP address the scan is coming from The IP ranges that Web Insp
5. 2015 Comodo Security Solutions Inc All rights reserved 99 Creating Trust Online Comodo Web Inspector Administrator Guide COMODO specified 2 then the scan will be performed on alternate days 7 Select the start time from the Set Start Time drop down combo box The scan will be started on the set time at the scheduled dates according to your time zone set in the My Account area Set Start Time 14 00 soe 8 Click Save to apply your schedule Repeat the process for adding more schedules for running scans on other devices IPs Domains as per your convenience The scans will run on the selected device on date s time s and interval that you specified Notes about Scan types and Devices e PCI Scans cannot be scheduled to run on Internal Devices devices inside your LAN devices have no external IP addresses To scan an Internal device you must use Custom Scan Selecting PCI Scan will launch a vulnerability scan according to PCI scanning guidelines PCI Scan are oredetermined by the PCI DSS and are not user configurable Full reports are available in the Reports area e The composition of a Custom Scan is defined by the administrator in My Account gt Custom Settings area 2 5 1 Web Inspector PCI Reports At the end of each PCI Custom scan Web Inspector PCI produces a vulnerability report and an executive report for each IP Domain scanned In addition a consolidated
6. Before Web Inspector can start scanning your website we need to verify your ownership of the website Choose a method of website ownership There are four ways you can verity website ownership Click any ofthe choices to read step by step instructions for that method Please selectthe method you prefer amp File Upload Upload special ile to your webserver Test the file is in place by downloading it from hip Wexample com comoda_si_verfication Click Verify to begin website ownership venfication Meta Tag Add a meta tag to your home page Administrative Email Confirn a code sentyia email to the domains administrator DNS CNAME Enter a code into your DNS CNAME record You may skip this step and perform itlater using the Ownership Verification link e Download the text file by clicking file e Upload it to root folder of your web server e After the text file has been uploaded click the VERIFY button e Comodo will check for existence of this file to prove domain control e After successful verification Manage and TrustLogo links will become available for that domain Note the availability of TrustLogo link depends on your subscription type Meta Tag Web Inspector will generate a unique tag which must be inserted into the meta data of your home page html Web Inspector will check this page and validate domain control based on the presence of the tag Website ownership verification
7. Bly BUDY sachon k P L A E A SEript la a nguage Javafcript type texe Javascript g ILOGO 205 ig eacripe gt hl The setup TrustLogo screen will be displayed This screen provides instructions on how to add javascript in the HTML source page that you want the logo to be displayed This is a easy three step process e Step 1 Edit the HTML source page of the web page that you want the WI Trust Logo to appear Please note that this page should belong to the website that WI has already checked e Step 2 Copy the code in the text box below STEP 2 and paste it in a new line anywhere within the lt head gt lt head gt tag in the page e Step 3 Copy the code in the text box below STEP 3 and paste in a new line anywhere within the lt body gt lt body gt tag in the page That s it Now the WI TrustLogo will appear in the page that you have added the codes After a malware scan if WI finds that a subscribed website is infected the WI TrustLogo will be removed from the site and the TrustLogo link in the Websites interface will be struck off Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 37 Comodo Web Inspector Administrator Guide COMODO Creating Trust Online f j x e List of Websites Manage your websites httofads aceweb net unlimited URLs Scanned at 2013 04 12 01 30 42 UTC Gaston Report A Remove hitowat 9
8. Comodo Web Inspector Administrator Guide COMODO List of Websites Manage your wehsiies E Nipulads aceweb net unlimaed URLS Stanned at 2013 04 17 013042 UTC TastLege Manage Repo Bl Remove hiparat Yb ove Ky inio unimied UALS he WeDsile oem Cewnership Yermicalion Remove X Nip buggernmne con unlimited URLs The website montong has been disabled Mo checking will tak Manage Remove place Ownership ventication Renmore W To enable the website for WI scanning Click the Manage link beside the website that you want to enable again Management of the website http buggerme com General Website Configuration gt Enable Website Reports e Click the Enable Website link and click OK in the confirmation dialog To view the reports of the disabled website click the Reports link Refer to the section Web Inspector Scan Reports for more details on WI reports 2 3 0 2 Changing WI Notification Recipient Email Address Web Inspector will be sending notifications daily via email to the regarding the details of the website scanned result of the scan and the time it was scanned You can change this email address in the interface To change the email address e Click the Manage link at the right side in the row of the website that you want to manage The General Website Configuration of the selected website will be displayed Return to List of Websites Management of the we
9. How often do have to scan Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 123 Creating Trust Online Comodo Web Inspector Administrator Guide COMODO Every 90 days once per quarter Merchants and Service providers should submit compliance documentation Successful scan reports according to the timetable determined by their acquirer Scans must be conducted by a PCI Approved Scanning Vendor ASV Comodo is a PCI Approved Scanning Vendor What reports are provided by Web Inspector PCI scanning service Web Inspector PCI Scan Control service provides two reports after each scan the Audit Report and the PCI Compliance report The PCI Compliance report is the one you need to submit to your acquiring bank to demonstrate compliance The Audit Report is a more technical document used to identify and re mediate any security holes What criteria causes a Pass or Fail on a PCI scan Each post scan Web Inspector PCI vulnerability report states a PCI compliance status of Compliant or Not Compliant based on the discovery of potential security flaws on your systems If no vulnerabilities with a CVSS base score greater than 4 0 are detected then the scanned IP addresses hosts and Internet connected devices have passed the test and the report can be submitted to your acquiring bank lf the report indicates Non Compliant then the merchant or service provider must re medi
10. Warnings Stam Scan Address Si i Scant subnets Status rte Scan Type Win H Obie Al Adaren Sa Hii C aap lirt Ll4 1 1 201 a a r F et SE Executive Report Repor Chats hisieicomn Lae Se CH a ail Navigation Bar e Overview Displays the Overview area that provides the administrator with a report summary of last scan and serves as a launchpad for starting scans and the Device List area that allows the administrator to add edit and configure target devices view scan reports e Schedule Displays a list of existing scans allows to add new schedule of scanning e Reports Enables the administrator to view the summary and complete scan reports My Enables the administrator to configure account settings view license scan options and to choose Account which plug ins are to be deployed during a scan SAQ Allows the administrator to access the Self Assessment Questionnaire SAQ for their self evaluation on compliance with the Payment Card Industry Data Security Standard PCI DSS e Help Contains links to the download user guide and to the Comodo knowledgebase Also enables the administrator to launch a simple setup wizard for PCI Scanning Overview Area The Overview area displays the status of the PCI Scans and a dashboard summary of the scan reports from last performed scan on the device selected from the Device List area Click here for more details Device List Area The Device Lis
11. 2015 Comodo Security Solutions Inc All rights reserved 114 Creating Trust Online Comodo Web Inspector Administrator Guide _ a COMODO Web Inspector PCI COVenViciw Schedule Reports My Account SAU Secma False Positives Tracker r Report Packs Complete reports Pack Report Description 01 05 2013 05 71 Aveaitirug reviews Once the pack is generated and reviewed by our PCI CSS approved support staff it will be available under the same tab for download Web Inspector PCI Overnaeiw Schedule Reports My Account SAQ Scans False Positives Thacker Report Packs Complete reports Pack Report Description 01 1432013 03 21 Download Available Ok e Click the Download button The file download dialog will appear File Download Do you want to open or save this file Name AllPCTReports zip Type Compressed zipped Folder 29 2K6 From 81 187 167 53 While files from the Internet can be useful some files can potentially harm Your computer IF vou do not trust the source do not open or save this file What s the risk e Save the file in a desired location This report pack will contain pdf files of Attestation of Scan Compliance report Executive Summary and the Vulnerability Details and the of the PCI scans executed within the past 90 days Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 115 coMoDOoO Creating Trust
12. Before Web Inspector can start scanning your website we need to verify your ownership of the website choose a method of website ownership There are four ways you can verify website ownership Click any ofthe choices to read step by step instructions for that method Please select the method you prefer File Upload Upload a special file to your webserver Meta Tag Add a meta tag to your home page Please add the meta tag to your home page httpfexample com lt meta name comodo_si_verification content 4738291 gt should b plated in the HEAD lt fHEAD section ofthe page heck the tags have been added by viewing page source on your live home page ACK Vert to pegin website ownership VENTIC ation Administrative Email Confirm a code sent via email to the domains administrator DONS CNAME E nter a code into your ONS CNAME record e Copy the meta tag from the text box and paste it into your website home page as a new line anywhere between Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 10 Creating Trust Online Comodo Web Inspector Administrator Guide COMODO lt Head gt and lt Head gt tag e Once this is done click the Verify button to initiate the verification check e Comodo will check for existence of the tag to prove domain control e After successful verification Manage and TrustLogo links will become
13. O Ihave read and agree to the End User license Service Agreement and Terms of sale 7 Continue E ET e a laa ene ana ci Gc i gt nce i mee mad aaia aala nm cc mi sic S s ni mea mm eames mk ew sl hm aba Bi mias Sm n y i men miei me ni i mm nmi mene i cn ni mk is ee mn hn mmm nim ml men ci in ma a mech enim in i n nmi i m e Select the plan that you would like to purchase e Select Existing Comodo User in the Enter Customer Details area and provide your email address and password for the existing Comodo account e Select a payment method and provide the details e Select Automatic Renewal Service if you want the subscriptions to be renewed automatically on expiry e Agree to the End User License Service Agreement and Terms of sale after reading them fully e Click Continue and complete the purchase procedure Your new subscription will updated and displayed in the My Account screen Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 40 Comodo Web Inspector Administrator Guide COMODO Creating Trust Online To manage your WI account click the Manage Account button You will be taken to your Comodo Accounts Manager CAM page at https accounts comodo com siteinspector management cCoO MO D O Welcome test test Creating Trust Online Nebinspector MyAccount Help Contacts Logout Comodo Webinspe
14. e Support Clicking the Support link at the bottom right of the interface takes you to the Comodo support portal an online knowledge base and support ticketing system The support portal is one of the fastest ways to get assistance from Comodo support staff on any Web Inspector questions you may have Registration is required Please remember to include your order number when you submit a ticket 2 1 Logging in to the Administrative Interface Web Inspector customers can login into the service by visiting http app webinspector com login Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 6 coMoDOoO Creating Trust Online inspector Home nineScan RecentDetections f ogin ingpeci Dae Protect Login to Web Inspector If you don t remember your password click the Forgotten your password link 2 2 Adding Websites for Daily Blacklist Monitoring and Malware Scanning Major search engines including Google Yahoo and Bing will blacklist a website if they determine that it is malicious This can happen for example if the site is found to host malware or because the site has been used for fraudulent activities such as phishing Blacklisted sites will not be listed in search results and website visitors will be shown a strongly worded message of warning whenever they try to visit the site This is especially significant when you consider hackers can infiltrate a legi
15. Adding Additional IPs Domains 1 Open Edit Interface as explained above IP Addresses Daomains Test Device 3 IP Addresses Domains Delete Delete Device 1 Addresses ae oe Add Free IP testdomain com x Addresses Domains 2 Addresses Domains Add Multiple Addresses Please check discovered components currently out of scope Save Cancel 2 Enter the Domain name s or IP addresses in the Add IP Addresses Domains text box and click Add button beside the textbox 3 Click Save Removing a IP Domain from a Device 1 Open Edit Interface as explained above 2 Click the X button beside the IP Domain name and click Save Moving IP Domain to Another Device Remove the IP Domain from the device in which it is existing and add it to the destination device Removing a Device 1 Open Edit Interface as explained above 2 Click the Delete Device button and click Yes in the confirmation dialog Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 67 Creating Trust Online Comodo Web Inspector Administrator Guide COMODO Warning Are you sure to delete this device term 2 5 3 5 Start Scanning Once the device is added you can scan the target device Note The IP addresses that Web Inspector PCI scans originate from are 208 116 56 32 28 and 91 209 196 32 28 You may have to modify your firewall to allow scans from this range To
16. All rights reserved 111 e Comodo Web Inspector Administrator Guide a Creating Trust Online take to achieve compliance The mitigation plan is available at the end of the list of the vulnerabilities Tip You an directly view the mitigation plan by clicking the link Jump to Remediation Plan from the Additional Actions area 2 9 6 Reporting False Positives A false positive exists when Web Inspector PCI incorrectly detects a Security Hole vulnerability with a CVSS base score greater than 4 0 or if compensating controls exist elsewhere in the network s security infrastructure to offset or nullify the vulnerability Administrators have the ability to submit suspected false positives to Comodo from with the security advisory itself see below Sel Siqned Cert Sohmtion Purchase or generate a proper certificate for this service Report as False Positive Ifyou believe this vulnerability is a false positive already patched or compensating controls exist within your infrastructure please click the link above A security expert will review your submission and accept or reject the report You can manage the status of your false positive submissions here If you think this is a legitimate false positive click the Report as False Positive link or here link shown above This will open the false positive reporting dialog Shown below False Positive amp Flugin Mame SSL Certificate with
17. Aremediation planning tool enabling task prioritization and project management e Links to recommended products and services that will help you cost effectively resolve non compliant areas e A ready to submit PCI DSS Self Assessment Questionnaire To access the wizard e Click the SAQ tab in the Navigation bar of the Web Inspector PCI interface Web Inspector PCI Schedule Reports My Account SAQ Help Web Inspector POI Overview The wizard is a four step process where you have to register select the SAQ type and complete the questionnaire The final step provides the summary of SAQ Your progress is automatically saved after each question allowing you to log out and return at a later date to complete the questionnaire Your free account and responses are retained giving you an opportunity to revise and modify any of your answers This also allows you to update schedule and track the progress of outstanding remediation tasks What are the compliance validation reporting requirements for merchants Under the new PCI standard the compliance validation requirements of the old VISA CISP and MasterCard SDP programs have been aligned so that merchants need only validate their compliance once to fulfill their obligation to all payment cards accepted Merchants will provide compliance validation documentation to their Acquirer s Compliance validation documentation consists of the appropriate annual self assessment questionnaire
18. MAC address address rather than their IP address This is useful for networks in which DHCP is used Exclude top level domain Check box Excludes the hosts whose addresses are returned by a wildcard on some top wildcard hosts level domains or the web server Nessus TCP Scanner Check box Enables classical TCP port scanner It shall be reasonably quick even against a firewalled target Once a TCP connection is open it grabs any available banner for the service identifications TCP scanners are more intrusive than SYN half open scanners Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 97 COMODO Creating Trust Online Creating Trust Online Comodo Web Inspector Administrator Guide COMODO 2 5 0 Scheduled Scans Comodo Web Inspector PCI features a highly customizable scheduler that lets you timetable scans to run at a time that suits your preference Web Inspector PCI automatically commences the selected type of scan on the selected devices IPs Domains You can choose to run scans at a certain time on a daily weekly monthly or on a custom interval basis Web Inspector PCI gives you the power to choose allowing you to get on with more important matters with complete peace of mind Web Inspector PCI vulnerability scans can be scheduled to run e Ata specific date and time e Ona recurring basis at daily weekly monthly or user specified intervals To access the
19. select the High Medium or Slow radio buttons to specify the maximum number of concurrent scans The number of allowed parallel checks are as given below High Six Parallel Checks Medium Four Parallel Checks default Slow One check at a time Tip Lower the number of concurrent scans faster will be the process Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 96 Comodo Web Inspector Administrator Guide Scanning Options Click the More Scan Options link to view all the scanning options available This area enables administrators to configure general options pertaining to the scans The settings chosen in this area will apply to any scan performed on selected device in the Overview and Scheduled Scans areas Scan Option Element Type Description Ping the Remote Hosts Check box Pings the remote hosts through TCP connection and reports to the plug ins knowledge base on whether the remote host is dead or alive This sends to the remote host a packet with the flag SYN and the host will reply with a RST ora SYNACK Consider unscanned ports Check box Ports that are not specifically scanned will be assumed as in closed state as Closed Do an applicative UDP ping Check box Performs a check if the host is up by sending a single UDP packet The host DNS RPC is up if another UDP packet is returned or
20. 2 then the scan will be performed on alternate days 5 Select the start time from the Set Start Time drop down combo box and select your time zone from the Time Zone drop down box The scan will be started on the set time at the scheduled dates according to your time zone 6 Click Save to to apply your schedule 7 Click Next to continue the wizard Note You can always view modify delete the schedules from the Scheduled Scans area of Web Inspector PCI interface Click here for more details Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 55 Creating Trust Online Comodo Web Inspector Administrator Guide COMODO Step 3 Configure PCI Scan Email Alert Options Web Inspector PCI sends automated email notifications to administrators on events like commencement of manual scheduled scans results of scan and failure of scans You can set your preferences for receiving the emails as you wish If you do not want to have email alerts at this moment Click Next to go to Step 4 You can configure the alert notifications later by accessing the My Account area Web Inspector PCI Setup Wizard gt pp Overview Schedule Reports hy Account l Logout l Email Alert Options Our Stanning service can customize the alert options per whole device or paritular address for ary available stan types Alerts can be sent to differant contacts to make sure important alerts are cen
21. 5 Mid _ FANACET fi Destination path wil be created if does not exist GE B comeco_ id a4 Mame lt b Li pclae moda E Dekho D Extract and replace fies E G My Docuens Lj boot O Extract and update files i My Computer Ka Trice gt Fregh esgshing files andy Ls JH Floppy A aiberuninf coe Local Disk IC aboot catacg IAk se New Volume ID BAREDE Ask belge cvenka oid inet a Neve Yokes IF CA Dvenaka without peompt E Skip existing fies a Si My Network Places drcelineas C Reep broken files C Display ies i Enple Total 2 folders and 2 251 bytes in 3 files e Run cmd exe and change drive letter to USB disk ex G e Type cd boot in the command prompt e Run bootinst bat and follow instructions es C WINDOWS system3 7 cmd exe Microsoft Windows BP Wersion 5 1 2600 CC Copyright 1985 2001 Microsoft Corp eae Ge cd boot G boot gt hoot inst bat _ Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 15 5 C YWWIHDOWSisystem32 cmd exe bootinst bat his installer will setup disk G to boot only Slax Warning Master Boot Record MBR of the device G will be overwritten If G as partition on the same disk drive like your Windows installation then your Windows will not hoot anymore Be careful Press any key to continue or kill this window x to abort es C WINDOWS system3 7 cmd exe bootinst bat Setting up
22. ACCOUNT secrecions aE inn ERES Vesataeasadbpadd KAEA EEEE EEEREN TETES 38 E T Oe nE EETA 41 PAA a E T RTE E EA EEEE E ERE ENEE A A E AE ETAT ONAN te OET E A E A AEA T 45 PR I E A A ANNAA EEIN a xe eco ea AA A NE A A ENA ET 49 E E E E E ie degen dapeenesenEe 49 P E E E E eae tanueneionemeueans 50 2 5 1 Starting up with Web Inspector PCI Scanning SOIC isssixvassssicvarss veristorbanisnsnsuied lsaneadanstransvodatinaiereedulavehinennestes 51 AA e Ale I E E EENE EE E OE A E E E E E 51 aps mi A T E i A EE 52 2 5 1 3 Viewing Executive Report Charts and Vulnerability Reports c c ccccssssssescssssessssssssssssssessressrssssseresasees 58 2 5 1 4 Accessing the Self Assessment QueStIONNAILE cccccecssscssssessessssssssessesssesesassessesacseseeseseesaseesansesensassnsanses 58 LDL PU NN Doriga NAS GTI sasinan aiita ni iai aai 59 BM le EA MIE AE P EEE A A I A E N A EN A OE E E EA A E 61 BN E a EEE EN PEE ESA A AAA NA OEE IA E VAE E E AE AT EEE 62 AE AAN e d e E OER AEI A EEIE E E EAE E EET AIEEE E E T 63 Zooo NON bo Trak a New Do E erena a a aiaee aiaiai 64 Pare ABE E S AE N EA EAA E A E E E AEA EEE E 67 E a E oa E e nee tte Seeman nee eee ee 68 2 5 3 6 Viewing a Dashboard Summary of Scan ROSUNS secs sdsscinsseesdsuarsenrlacensdnnianenvnicstveaceaitoubideasiay IET ENEE ER EEE ERS 69 2 5 3 7 Viewing Executive Report Charts and Vulnerability Reports c cccecsssscsccsssssssssecsseessescseesssessseessesenees 69 rde a EE 1
23. Accepted 2013 04 16 08 36 17 WTC Disable URL Remove X To enable it again click the Enable URL link and click OK in the confirmation dialog Web Inspector will now start monitoring the enabled page also halidi URLs for the website dain ed PAPO yen Tenth Webs ir ctor will browse your site looking for links and th can tose pages Web Inspector does motiind a page that you need to be scanned please add it here The URL monitoring has been enabled Enter URL here Marrow URL displaying FILTER Fiho ea Lape COPA Orie Lip Enabled at 2013 04 16 08 52 30 UTC Disable JRL Remove Fito napeta corvuygulama amek Date Accepted 2013 04 16 08 36 17 UTC Disable URL Remove X You can remove a page from this list by clicking the Remove link beside it 2 3 0 6 Adding Trust Logo to your Website The Web Inspector Trust Seal is a symbol that conveys the message to your website visitors that the site is safe secure trusted and verified thus increasing the conversion rates of visitors to potential buyers You can add the WI Trust Logo in your website from the Websites interface or in the List of Websites interface To add WI TrustLogo in your website e Click the Manage link at the right side in the row of the website that you want to add the TrustLogo Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 36 Creating Trust Online Comodo Web Inspector Admin
24. Delete iS SEME 0 Addresses Add Free IF Add IP Addresses Domalhs addrassesiDomains 3 Add Multiple Addresses Hide F Addresses Domains 956 173 190 238 108 162 155 201 www letscoding com Note You can check for the IP addresses and the domains which have been previously entered and deleted or the IP Addresses that were detected through reverse lookups on the domains or common hostnames for the domains included previously by clicking the link Please check discovered currently out of scope This helps you to identify the out of the scope components to be scanned and add to the created device Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 65 Creating Trust Online Comodo Web Inspector Administrator Guide COMODO IP Addresses Domains Test Device 3 IP Addresses Domains Delete Delete Device Add Free IP Add IF testdomain com Add Addresses DOMains AgddressesDomains 3 Add Multiple Addresses Please check discovered components currenti out of scope Note You must enter external IP addresses in these fields Web Inspector will not run PCI scan on private IP addresses that refer to machines internal to your network Private IPs ranges are defined by RFC 1918 as 10 0 0 0 10 255 255 255 10 8 prefix 172 16 0 0 172 31 255 259 172 16 12 prefix 192 168 0 0 192 168 255 255 192 168 16 prefix 7 Click the Add button b
25. List area to view the report An example of the Vulnerability Report is given below Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 107 Creating Trust Online Comodo Web Inspector Administrator Guide COMODO j j Cherview Schedule Reports My Account Scans Vulnerability Report scan Summary Non Compliant Additional Actions Customer company namne tesi Back io All Reports AS Conia Mane Comodo CA Limited Fy Print in POF Scan expiration date 04 03 2013 12 14 Siart Time 01 03 2013 08 57 Phigins Used 15927 of 15627 available Finish Tinie 01 03 2013 1214 Total Scan Dur ation Tine 03 17 00 List of IP Addresses Domains Security Holes Security War nines SOUT Hotes Scanned wera letscoding com 51 52 Open Pont Protocok Common Seriot 21 ten Th 110 ben papd 143 itp imap 465 ben smip qo3 tcp imap qo4 tcp pops 2078 tcp ware 2063 ten ware 2087 ter ate 2096 tH Waat ate 2144 ten het 9090 ten ssh wrer abies Lecpemil Note Secunty Holes and Warnings wil casse you to tel a vulrerabikty scan They must be foal Securiiy Holes remnediated and re tested in onder to psss E SEGAY Varming E erir Notes Www letscoding com The Vulnerability Report consists of a summary of the scan details and the prioritized list of the vulnerabilities found Scan Summary The scan summary contains the following details e Company Name The Company name of th
26. SSL certificate presented on this port is for a different machine Risk factor Medium CVSS BASE SCORE 5 0 CVSS 2A MAC DAU MICE NAPJAN Phin owp The following hostnames were checked Hyperic Agent hosting4 ninett HO Selt Signed Cert Soblition Purchase or generate a proper certificate for this service Report as False Positive lfyou believe this vulnerability is a false positive already patched or compensating controls exist within your infrastructure please click the link above A security expert will review your submission and accept or reject the report You can manage the status of your false positive submissions Mere The title bar indicates the type of the vulnerability and the port service in which it is identified Status Indicates the status of the device whether it has passed or failed Plugin The vulnerability plug in that has detected the vulnerability Category The category of the flaw that is responsible for the vulnerability Priority Indicates the priority at which the vulnerability has to be re mediated Synopsis The Synopsis in the report provides a short description of the vulnerability For example if the protocol is encrypted if debugging is enabled etc Description A detailed description of the vulnerability and its effects This section also contains links for additional reading about the vulnerability Risk Factor Shows the severity of the vulnerability according to the CVSS score The NVD provi
27. Scanning Options link to go back to the Website Scanning Configuration Options screen Adding Pages Manually for WI Scan Web Inspector will browse your website and all the linked pages If Web Inspector does not find a page that you need to be scanned you can add the URLs of these pages manually To add URLs of pages manually for WI scanning click the Required URLs link in the Website Scanning Configuration Options interface The list of web pages already added will be listed eas made aira ii the website http odi e a com Web Inspector will browse your site looking for links and then scan those pages HWeb or does not nd a page u need to be Scanned please add it here Enter UPL here Narow URL displaying Gaa http ihaear tunaperzaj comMUyguIama amek Date Accepted 2013 04 16 08 3617 UTI Disable URL Remove W Disi ay 20 Hems per page e Sorting Reports based on Search Keys You can filter the entries in the list to show only the results of particular webpage s by sorting the results based on search keys Enter the search key partially of fully in the text field beside Filter and click the Filter button e Limiting number of entries per page You can limit the number of items displayed in the screen by selecting the option from Display drop down To add a web page manually enter the full URLs of the webpage and click the Add URL button Web Inspector will add the webpage and displ
28. Sign Up te Comedoe Online Storage Sign Up to Antispam Gateway Sign Up te Comodo System Utilities Sign Up to Comodo Internet Security Sign Up te Endpoint Security Manages Sign Up to LoginPro Sign Up te Comodo lletwork Center Sign Up to TrustConnect Last Ten Orders Orders Description Yeb inspector 500 URL license TrusiLogo Setup Fee 201 2 12 04 201 2 12 08 an mn Wie 478941 1 pe indole Pegg 15 00 Processed retake YWeb inspector 500 URL license TrustLogo Monthly ar i 4242 Access Fee 201 2 1 2 04 207 3 01 04 1 Four This area allows you to change your account settings and information and also to sign up for other Comodo Products and services The right hand side pane contains the shortcuts for the following Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 45 Creating Trust Online Comodo Web Inspector Administrator Guide cence e Viewing your account details User Details e Changing your account password Change Password F Change Contact information e Changing your contact details Change Email Address Credit Cards Management e Changing your email address Purchase History e Managing your credit card details e Viewing your purchase history Changing Your Comodo Account Password The Change Password option in the right hand side pane allows you to change the password to access your Comodo Web Inspector services account and the Comodo Accou
29. TLD This is required to make the entry fully qualified Slick Verify to begin website ownership verification e Copy the hashes from the text box and paste it into a note pad The hash values must be entered as a DNS CNAME record for your domain e Once this is done click the Verify button to initiate the verification check e Comodo will check for CNAME to prove domain control e After successful verification Manage and TrustLogo links will become available for that domain Note the availability of TrustLogo link depends on your subscription type Repeat the processes outlined above to add more websites If the number of websites exceeds the subscription plan for your account a warning message will be displayed Setup Website SEIUD a Cally CHECK 10 ensure Your WebSite Is not Dackisted and is Tree Of Mahrare TOU Will Pecenve an emall every day Win ine status Of Your Website This licence is fully used please choose another licence Purchase of a new licence 5 site s with unlimited URLS d9as1 f 939e 4c48 8 b2 1 39cheasal os 1 site s with 3 URL limit and ebIns pector TrustLogo serite 964e795 1 39P 40f2 bbeb dbselsal ir 2740 20 site s with unlimited URLs and Weblnspector Trust ogo service cd41 40 a290 47f2 8dsrdfdsearde3 Cancel Setup If you want to add websites without changing your subscription plan disable a website that is currently in the list and repeat the process for addi
30. Wrong Hostname Service Name imap 1 4sitcp Host Wy IETS coding com F You confirm thatthis security item is a false positive and has been fully patchedifixed on your server Our security experts may review the information provided to ensure itis correct and accurate Please provide brief information on the patch applied or upgrade which produced the false positive e Next check the box You confirm that this security item is a false positive and has been fully patched fixed on your server e important administrators must include information in the text box detailing the patch or compensating control that they have deployed If this space is left blank then the request will be automatically rejected e Click Save to submit the report to the Web Inspector PCI technicians for analysis and verification The advisory will contain the following message to indicate that your submission is under review Our support team will review the information provided to ensure it is satisfactory The administrator can check the status of the submitted false positive at any time Click here for more details If Confirmed as false positive by our technicians This security hole will no longer count against your IP address Domain Genuine false positives are automatically removed from the list of security holes from which your PCI report is derived Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights re
31. a summary of the last scan that was run on that device It also allows the administrator to add edit and configure devices and to view scan reports Clicking the bar chart icon will underneath a device name will display statistics for that device in the main Overview area e Schedule Displays a list of existing scans allows to add new schedule of scanning Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 51 Creating Trust Online Comodo Web Inspector Administrator Guide meee e Reports Enables the administrator to view the summary and complete scan reports My Enables the administrator to configure account settings view license information configure email Account alerts configure scan options choose which plug ins are to be deployed during a scan etc SAQ Allows the administrator to access the Self Assessment Questionnaire SAQ for their self evaluation on compliance with the Payment Card Industry Data Security Standard PCI DSS e Help Contains links to the user guide and to the Comodo support ticketing system Also enables the administrator to launch a simple setup wizard for PCI Scanning Overview Area The Overview area displays the status of the PCI Scans and a dashboard summary of the scan reports from last performed scan on the device selected from the Device List area Click here for more details Device List Area The Device
32. access management Comodo s proprietary technologies help solve the malware and cyber attack challenges of today Securing online transactions for thousands of businesses and with more than 85 million desktop security software installations Comodo is Creating Trust Online With United States headquarters in Clifton New Jersey the Comodo organization has offices in China India the Philippines Romania Turkey Ukraine and the United Kingdom Comodo Security Solutions Inc 1255 Broad Street Clifton NJ 07013 United States Tel 1 877 712 1309 Tel 1 703 637 9361 Email EnterpriseSolutions Comodo com For additional information on Comodo visit http www comodo com Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 126
33. an iso image to create a Live CD as files to create a Live USB stick or as files to run from a VM ware player The scans can be run directly from the Overview area of Web Inspector PCI interface after installation and configuration of the agent see How to install the Agent Configuring the Agent and Using the Agent Main Menu for more details on set up and configuration of the agent See Start Device Scanning to learn how to run an internal scan once the agent has been installed There are two main prerequisites to running an internal scan e The creation of a Local Device as a target for the scans in the Device List area of the Web Inspector PCI interface Local Devices are defined by one or more IP addresses e The HG internal scanning Agent has been installed on your local network to communicate with the HackerGuardian scanning servers via VPN connection Once these two steps are complete users can start an internal scan on the device by clicking the Start Scan button in the Overview area For creating local devices and to run scans on the local devices switch to Device List area of Web Inspector PCI Click here for more details on the interface Note The Internal Scanning feature allows you to create and edit local target devices and to manually run scans on selected devices Unlike other external devices LAN Devices are defined using IP addresses only Click on th
34. and 2 this scan result only indicates whether or not my scanned systems are compliant with the external vulnerability scan requirement of PC OS this scan result does not represent my overall compliance status with PCI DOSS or provide any Indication of cornpliance with other FCI DSS requirements Td attest to ihe above statement you must electronically sign the attestation by providing the following information Your Contact name Your E mail Your Title John 5 nth jemithexan ple con general Manager e Read the Attestation statement and fill your Contact name email address and your role in the subscribing Organization as a token of digitally signing the attestation form and click Next Immediately the report pack generation will be started On completion your report pack will be reviewed by our support staff and will be passed on for download This will be indicated by a dialog A The report pack will be generated and then added to a queue to be reviewed by one of our support staff The report pack status will be displayed on the Report Packs page and will be available for dawnload from this page lf your report pack passes our review It can be submitted to your acquiring bank for PEI certification Yes e Click Yes To check your report pack status click the Report Packs tab in the Reports area The status of your requested report pack will be displayed Comodo Web Inspector Administrator Guide
35. and accompanying attestation of compliance and possibly the quarterly PCI scan compliance report To whom does the PCI regulations apply Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 122 Creating Trust Online Comodo Web Inspector Administrator Guide COMODO The PCI DSS standards apply to all entities that process store or transmit cardholder data This includes all merchants and service providers with external facing IP addresses handle store or transmit credit card data Even if your website does not offer website based transactions for example you link to a payment gateway there are other services that may make card data accessible Basic functions such as e mail and employee Internet access will result in the Internet accessibility of a company s network These seemingly insignificant paths to and from the Internet can provide unprotected pathways into merchant and service provider systems if not properly controlled What is defined as cardholder data Cardholder data is any personally identifiable data associated with a cardholder This could be an account number expiration date name address social security number etc All personally identifiable information associated with the cardholder that is stored processed or transmitted is also considered cardholder data What if a merchant or service provider does not store cardholder data If a merchant or servic
36. and threat mitigation advice e Includes PCI compliant network vulnerability scanning service e Site seal assures customers that your website is malware free and trustworthy e Easy web based interface means you can be up and running 5 minutes after sign up English fname HEE Protect ne Test27_F_P1_P2 Teet Logout Rietum to List of Websites Management of the website http ads aceweb net eneral Website Corfigurat Q Disabla Website Changa Email Ragorts False Positives Scanning Options TrustLogoa Status Hig d 2013 All righi fi ered FAQ Support Guide Structure This guide is intended to take you through the use of Comodo Web Inspector and is broken down to the following main sections e The Administrative Interface Provides a snapshot of main functional areas of Web Inspector e Logging in to the Administrative Interface How to login to the Web Inspector interface Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 4 A Comodo Web Inspector Administrator Guide COMODO Creating Trust Online a f T e Adding Website for Daily Blacklist Monitoring and Malware Scanning How to add websites for WI scans e Managing Websites in Web Inspector How to add websites for malware scanning and blacklist monitoring e Removing a Website from Daily Blacklist Monitoring and Malware Scanning e Viewing Last Scanned WI Reports e Ad
37. be removed from Web Inspector 2 3 5 4 False Positives A False Positive is when you are sure that some of the pages listed by Web Inspector in its report are in fact free from any kind of vulnerabilities or infected by malware You have the option to mark these pages as False Positive in the Reports tab Refer to View Detailed Reports in Web Inspector Scan Reports section on how to add pages as false positive The pages added as False Positive will be listed in this interface To view the list of false positive pages reported for a specific website click the Manage link at the right side in the row and click the False Positives link in the General Website Configuration interface Management of the website http tunapeyzaj com eneral Website Configuration Disable Vebsile Change Email Reports False Positives Scanning Options The list of web pages added as False Positive will be listed Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 32 Comodo Web Inspector Administrator Guide COMODO Creating Trust Online False positives for the website http tunapeyzZaj com Nernow WAL displaying Nipwhaweciunapeyzal comfirma proilil Malichous actrity deiected Daie Accepted 701 3 04 16 06 30 03 UTE Remove hipa una pezaj comimerak etkler MBIIChOUS acimiiy detected Date Accepted 201 4 02 08 14 5 Remove Display 20 tems per page M e
38. download pages in order to scan them Web Inspector identifies itself in much the same way that a regular browser identifies itself In some cases websites present different content based on the type of browser user agent that is making the request By default the Web Inspector agent identifies itself as Mozilla 4 0 compatible MSIE 8 0 Windows NT 6 0 This setting covers the vast majority of browsers that your website visitors will use to visit your site Therefore Web Inspector is requesting receiving and analyzing the precise content that your viewers see For a full list of user agent strings please visit http user agent string info list of ua To change the name of the user agent click the User Agent link in the Website Scanning Configuration Options interface Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 34 Creating Trust Online Comodo Web Inspector Administrator Guide COMODO Change User Agent for the website http tunapeyzaj com f required you may specify a name for the useragent that will used to Stan your website Mozilla S 0 iPad UW CPU OS 3_2_1 like Mac OS en us Apple Webkit 531 21 10 KHTML like Gecko Mol UPDATE Enter the new name of the user agent in the text box and click the UPDATE button The User Agent has been successfully changed message will be displayed User agent has baan successi Changed Click the Return to
39. if an ICMP port unreachable message is returned Port Range Text box Set the range of ports to be scanned A special value of default is allowed which scans port 1 15000 To scan all TCP ports on the target host enter 1 65535 Enter single ports such as 21 23 25 or more complex sets such as 21 23 25 1024 2048 6000 or enter default to scan default ports Optimized Test Check box Allows the scan to be optimized by only performing tests if information previously collected indicates a test is relevant When disabled all tests are performed Nmap NASL Wrapper Check box Runs nmap 1 to find open ports Scan for La Breatarpitted Check box Performs a labrea tarpit scan by sending a bogus ACK and ACK hosts windowprobe to a potential host Also sends a TCP SYN to test for non persisting lebrea machines SYN Scan Check box Performs a fast SYN port scan by computing the RTT round trip time of the packets moving back and forth between host and the target and using the value to quickly send SYN packets to the remote host Netstat Scanner Check box Runs netstat on the remote machine to find open ports Safe Checks Check box some checks are potentially harmful to the target host being scanned When this option is enabled scans which may harm the target host are not performed This option should be disabled to perform a full scan Designate hosts by their Check box This option will identify hosts in the scan report by their Ethernet MAC
40. individual or entity to whom they are addressed f you have received this email in error please notify the sender by replying to the email containing this attachment Replies to this email may be monitored by Comodo for operational or business reasons Whilst every endeavour is taken to ensure that emails are free from viruses no liability can be accepted and the recipient is requested to use their own virus checking software ae 2 3 Managing Websites in Web Inspector The Websites area allows you to e Remove websites from scanning monitoring e View last scanned WI reports on your domains e Adda Web Inspector site seal to one of your web sites e Validate ownership of website e General website configuration of selected website To view this area click Websites at the top of the interface Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 13 Creating Trust Online Comodo Web Inspector Administrator Guide COMODO e English w We a Chat with us Mow Callus 1 999 266 6991 Request a Callback inapti Detect Peries L j kirn LA f i i R F mE mr etup Wizard Websites fy Account canning Wari List of Websites eli Slit Le hitowads aceweb net Unlimited URLS Scanned at 7013 04 12 01 3042 UTC ueiLege Manage Report Remove X ili i i u ied UR Ti fe ownership Cwmnership Varficabon Ramove M http Vbuggqerme com unlimited URLs Scanning T
41. information is safe with usl Terms and Conditions USER LICEHSE AGREEMENT WEBIHSPECTOR will IMPORTANT PLEASE READ THESE TERMS CAREFULLY BEFORE DOWNLOADING INSTALLING OR USING COMODO WEBINSPECTOR SERVICES BY DOWNLOADING INSTALLING OF USING THE SERVICES OR BY CLICKING ON I ACCEPT BELOW YOU ACKNOWLEDGE THAT YOU HAVE READ THIS AGREEMENT THAT YOU UNDERSTAND IT AND THAT YOU AGREE TO ITS TERMS YOU DO NOT AGREE TO THE TERNS HEREIN DO NOT DOWNLOAD OR USE THE SERVICES OR CLICK OW I ACCEPT IF This user license agreement if between you you or Subscriber as either an individual or as a business entity and Comodo Security Solutions Inc Comodo l accept terms and conditions e Click SIGN UP Your order will be processed and confirmation email will be sent from Comodo To renew your subscription for WI services e Click the Renew link at the bottom right side of the screen The Comodo Sign Up Page will be displayed Follow the same procedure as explained in Subscribing WI services for more websites section To view your Web Inspector subscription details e Click the View link at the bottom right side of the screen Your Comodo Web Inspector Subscriptions details page will be displayed egln Spector We Account Hel E Contacts AAA 1 oGou Comodo Wobinspnoctor Subscriptions on AET n a ciate Product name License key Subscription PFA Web nspector 500 URL
42. is safe you can report it as False Positive by clicking the Mark As FP link beside See the section False Positives for more details Click the Return to Overview link to return to the summary report screen Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 28 Comodo Web Inspector Administrator Guide COMODO Creating Trust Online f f Example of detailed report for Malware Downloads E Return to Overview Report for http tunapeyzaj com This ts a high risk site Hosts Malware Details Scan Tire 201 204 01 1330 44 UTC Checked URLs Nenmow report displeyine FILTER URL Result URL Detalls C niomunanevzal com Suspicious Suspicious details Print report Mark As FP Display 10 items per pag Clicking the Suspicious details link will display the report for that particular page Report malware details This is a high risk page http tunapeyzaj com Result for 2073 04 01 13 30 44 UTC Hosts Malware URL behaviour was detected Malware Downloads Found by Comodo Cloud checking and Antivirus Engine Click the Print report link to take a print of the report for that page If you are sure that a page listed in the report is safe you can report it as False Positive by clicking the Mark As FP link beside See the section False Positives for more details Click the Return to Overview link to return to the sum
43. machine to find open ports Safe Checks Check box some checks are potentially harmful to the target host being scanned When this option is enabled scans which may harm the target host are not performed This option should be disabled to perform a full scan Designate hosts by their Check box This option will identify hosts in the scan report by their Ethernet MAC MAC address address rather than their IP address This is useful for networks in which DHCP is used Exclude top level domain Check box Excludes the hosts whose addresses are returned by a wildcard on some top wildcard hosts level domains or the web server Nessus TCP Scanner Check box Enables classical TCP port scanner It shall be reasonably quick even against a firewalled target Once a TCP connection is open it grabs any available banner for the service identifications TCP scanners are more intrusive than SYN half open scanners Ping the Remote Hosts Check box Pings the remote hosts through TCP connection and reports to the plug ins knowledge base on whether the remote host is dead or alive This sends to the remote host a packet with the flag SYN and the host will reply with a RST ora SYNACK Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 93 Creating Trust Online Comodo Web Inspector Administrator G uide ye COMODO Select the Vulnerability Plug ins to be Deployed Each indiv
44. navigation Important Note The Device Name displayed in the agent must exactly match the name that you set for the target Device in the LAN Devices area of your Web Inspector PCI account Incorrect authentication settings will lead to failure of authentication and no scan will take place View Agent Log File This option allows you to view the HackerGuardian agent execution progress trace warnings or errors and diagnose connection problems Help info Opens the built in help page that give explanations on each item in the HackerGuardian Agent Menu 2 0 4 5 2 Network Configuration The network configuration menu allows you to reconfigure the network settings you made during the configuration of the agent To change the existing network configuration select Modify in the network configuration dialog Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 82 Comodo Web Inspector Admini COMODO Creating Trust Online C 0 M 0 D 0 HackerGuardian YPN Agent network configuration Network configuration settings provided configuration to bring network up to change network settings to get back to menu lt do nothing gt The network configuration wizard will be restarted The available network adapters are detected and displayed as a list C 0 M 0 D 0 HackerGuardian YPN Agent network card select network device to configure and to use for comectio
45. needs to be PCI compliant will be categorized as one of these types see table Validation Types e Once an organization has determined its Validation Type or the organization has been assigned as a particular validation type by its acquirer it can complete the Self Assessment Questionnaire SAQ and Attestation of Compliance that is appropriate for that Validation Type What is the Self Assessment Questionnaire The PCI Data Security Standard Self Assessment Questionnaire SAQ is a validation tool intended to assist merchants and service providers who are permitted by the payment brands to self evaluate their compliance with the Payment Card Industry Data Security Standard PCI DSS Comodo has simplified this often confusing process with the Web Inspector PCI HackerGuardian PCI Compliance Wizard an intuitive web based application guides merchants through every step of the PCI Self Assessment Questionnaire Each question is accompanied by expert advice to help the merchant interpret and appropriately answer each question At the end of the wizard you will find out immediately whether or not your answers qualify your organization as PCI compliant The wizard will provide e A Questionnaire Summary Listing security control areas on which you failed compliance e A custom Remediation Plan for your company containing e Acomprehensive list of remedial actions that you need to take to attain full PCI compliance e
46. o eee meena Print repa aie AiO Weta UEDA comimerak etikler High Risk Malicious activity detected Printreport Mark As R O anan Chnm O Maeous acti cetecteri 1 Pintrepot Mark AG FP G Hiin twetatinapeyza commerak ettikier Sate Ho maliciaus code files or acthity detected 4 hi eine peyzalcomirierak ettibier High Risk Malicious activity detected Printregorct Mark Se FF http Janie apena cConvirerak etikter High Risk Maleis acth ity detected Removing reports for a particular website Unwanted and outdated reports can be removed from Web Inspector Reports by clicking the Remove link in the Reports of the website interface Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 31 Creating Trust Online Comodo Web Inspector Administrator Guide COMODO A f f K j Reports of the website http tunapeyzaj com Show all entries l hip iunapeyzai cams Mahvara Scanning Checked URLs 1 Created af 201 3 04 16 00 15 58 WTC Report t http iunapeyzal cams Mahware Scanning Checked URLs 1 Created at 201 3 04 15 08 03 51 UTC Report H http wiunapeyzal corr Mahvare Scanning Checked URLS 1 Created at 2013 04 13 00 15 51 UTE Repotii Remove x hip tiunapezai Cor Wakara Scanning CGherked VALS 1 Created af 2013 04 17 0015 48 UTE Repon Fienie W A Confirmation dialog will appear Are you sure e Click OK The selected report will
47. password and now cannot login to the Web Inspector website why When you change your password there is a delay between changing it and that change being synchronized with the Web Inspector database Please allow 15 minutes for the synchronization to take place after changing your password Does Web Inspector PCI use the latest CVSS v2 Yes Web Inspector PCI uses the latest Common Vulnerability Scoring System version 2 CVSS v2 All Web Inspector PCI Scan customers are not impacted by the change from CVSS v1 to v2 as we have already been using v2 2 6 3 PCI FAQ e What is PCI DSS e What is the Self Assessment Questionnaire e What are the compliance validation reporting requirements for merchants e To whom does the PCI regulations apply e What is defined as cardholder data e What if a merchant or service provider does not store cardholder data e Are there alternatives or compensating controls that can be used to meet a requirement e Are there alternatives to encrypting stored data e What are the compliance validation reporting requirements for merchants e Do merchants need to include their service providers in the scope of their review e What is a network security scan e How often do I have to scan e What reports are provided by Web Inspector PCI scanning service e What criteria causes a Pass or Fail on a PCI scan e What if fail the PCI scan e Where can find and complete the Self Assessment Questionnai
48. password to during signup After upgrading will have to re enter my IP Domain information For the PCI Scan Control Service any previously validated IP addresses will still be usable I am an existing Comodo account holder e g SSL can use my existing Username and Password during purchase Yes You should use the Existing Customer Option and enter your existing Comodo UN PW during the signup process You can then also use your Comodo account Password and Username to log into the Web Inspector PCI interface at https app webinspector com login Explain the password username system to me During signup you created a Comodo account with a Username and Password This Username and Password has dual functionality 1 Use it to log into your Comodo account and manage your Comodo account details You can log in at http www comodo com 2 Use it to log into the Web Inspector PCI web application interface Do this using the login box at https app webinspector com login Also see the online help documentation at http help comodo com topic 208 1 490 5111 Introduction to Comodo Web Inspector html Can I scan private internal IP addresses Yes Internal IP addresses can be scanned if you have a Web Inspector PCI Scan Compliancy Enterprise license It is not possible to scan internal IPs with the standard license Private IPs ranges are defined by RFC 1918 as 10 0 0 0 10 255 255 255 10 8 prefix 172 16 0 0 172 31 255 2
49. report for the network device scanned is also generated The compliance status for each device is set as Compliant or Non Compliant based on the discovery of potential security flaws on the device IP Domain The security flaws or the vulnerabilities are rated based on their severity levels The rating of each vulnerability is indicated by the color of title bar of the respective report The following table shows the official PCI severity ratings CVSS Score Vulnerability Severity Level Scan Result Red 7 0 10 Security Hole High Fail PCI Scan Orange 4 0 6 9 Security Warnings Medium Fail PCI Scan Blue 0 3 9 Security Notes Low Pass PCI Scan Based on the ratings Web Inspector PCI categorizes the vulnerabilities as Security Holes Security Warnings and Security Notes Security Holes A vulnerability whose severity level is more than three or High is identified as a Security Hole To pass a PCI Compliance scan no holes are to be found during the scan If any holes are found the merchant or the service provider must remediate the identified problems and re run the scan until the compliance is achieved Security Warnings A vulnerability whose severity level is more than two or Medium is indicated as a Security Warning To pass a PCI Compliance scan no warnings are to be found during the scan If any warnings are found the merchant or the service provider must remediate the identified problems and re run t
50. starturl index html just enter starturl in the Start Url selection textbox 4 Enter the hidden url in the Hidden Url selection text box and click Save Add Note The start page url should be mentioned for each hidden url The hidden url should be prefixed with a The domain name and the full path need not be repeated For example if the hidden page of the domain testdomain com starturl is www testdomain com starturl hiddenpage just enter hiddenpage in the Hidden Url selection textbox Placing the mouse cursor over the added hidden url will display the full path PCI Settings initiate the PCI settings The final URL consists of fAddiress Start URL Hiden URL For example innyachiess com startiem Start UEL has pero or more hidden URLs Dont repeat start URL value in hidden URL input box Hidden URL stars from Don t put at the end of start URI Tou can see Tul URL by pointing cursor of your mouse oer the concrete hidden WAL Target selection Device Test davice we Address wiw letscoding com we Start Url selection Hidden Wr selection starturi Save Add hiddenpage Seve Add staruri rerig hiddenpa qe Perro ry URL wa letscoding com stantunl hen age 5 Repeat the process for adding the start url and the hidden url for each hidden page in the website Setting Maximum Number of Allowed Concurrent Scan and Scan Options In the PCI Scanning Options section
51. status of enrolled websites WI Reports include e Scan reports of all the web pages of websites enrolled for Daily Malware Scanning e Scan reports of index nome pages of the websites enrolled for Daily Blacklist Monitoring The Reports interface displays a list of all the malware scan reports of the selected websites with the details on e the website domain to which the report pertains e the number of web pages urls scanned in that website e creation date and time of the report To view the last scan report of a specific website click the Report link at the right side in the row Refer to Viewing Last Scanned WI Reports for more details To view the reports list of a specific website click the Manage link at the right side in the row and click the Reports link in the General Website Configuration interface Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 23 A a A Comodo Web Inspector Administrator Gi TA A Z COMODO Creating Trust Online f f E f j Management of the website http tunapeyzaj com General Website Configuration Z Disable Website Change Email False Positives Stanning Options The complete list of daily run WI scan reports for the selected website will be displayed Reports of the website http tunapeyzaj com hipMunaperzai Corr Malware Scanning Check
52. unwanted reports Using the Filter options Sorting Reports based on Report Types The drop down menu at the top right enables you to select the reports to be Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 24 A S e 7 A A Z Comodo Web Inspector Administrator Guide COMODO Creating Trust Online i St a j displayed based on scan results e Show all entries Displays all the entries e Show only Safe entries Displays only the scan reports of the sites identified as safe and free from malware e Show only Unsafe entries Displays only the scan reports of the sites identified as unsafe and suspicious e Show only Inconclusive entries Displays only the scan reports of the sites on which the malware scanning yielded inconclusive results Limiting number of entries per page You can limit the number of items displayed in the Reports page by selecting the option from Display drop down at the bottom Viewing Detailed Reports The detailed scan report created on a particular date can be viewed by clicking the Report link beside a listed item 0 hii Muna geyzal cor Makara Scanning Checked URLS 1 Created ak 2013 04 02 00 15 46 WTC Report id Ramaras X http wMunapeyza com Mabvare Scanning Checked URLa 12 Created at 2013 04 01 13 30 44 UTC Remove M 0 hit unageyral cor Mabhvare Scanning Checked URLS 12 Created af 2013 04 01 13 2649 UTE He
53. us 1 489 266 6361 Request a Callback Ermali Us kapit Del Proc Websites Wty Account PCI Scanning Comodo Weblnspe amodo Weblispector subscriptions available ctor Subscriptions shee Unlimited UELS 1 fee Sets Walid to wed Apr 24 11 12 08 UTC 2013 TrusiLogo Disabled eit 3 URL lime O free site s Walid to Fn Apr i 1108 36 UTC 2013 TrusiLogo Enabled leisi UAE URLS i6 fae sears Waid to Fn Wav 10 08 730 04 UTE 1013 Tuiloa Enabled B 20 MANAGE ACCOUNT Purchase More Litencas You can purchase more subscriptions by clicking the Purchase More Licenses link It will take you to the purchase page Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 39 Comodo Web Inspector Administrator Guide COMODO Creating Trust Online a m f a a a Hood Agthigtance COMODO Creating Trust Online Y 888 351 7956 Shopping Cart Account Details Complete Order Web Inspector Starter 1 Year Plan 9900 is TOTAL 99 00 Web Inspector Plus UPGRADE 1 Year Plan 179 00 Web Inspector Premium ist gt UPGRADE Bagin Pei Pete 1 Year Plan 299 00 web Web Inspector Enterprise Par W agent Die Pros 1 Year Plan 7 539 00 Existing Comodo User New Comodo User SELECT A PAYMENT METHOD Satisfaction Guarestesd CW Expiration Date o E Automatic Renewal Service
54. x Subnets Scan Type Test Device 2 All Addresses Scanning a PCI Scan Cancel Scan I targetis count ail WA i pi Oi esp D All Addresses Non Compliant 04 11 2013 12 05 PCI Stari Executive Report T Report Charta bisier com target s coum alll Note You can also start scanning on any existing device from the Overview area of the interface Click here for more details 2 0 1 3 Viewing Executive Report Charts and Vulnerability Reports e To view the Executive scan Report click the Executive Report button beside the device name e To view the Charts page that contains at a glance summary of the scan results on the device and graphical representations of proportions of identified vulnerabilities according to their categories click the charts page button cmi in the row of the Device e To view the Vulnerability Report click the Vulnerability Report button beside the IP domain name from the list of Ps domain names displayed by clicking the button beside the Device name The Administrator can also download a Report Pack containing the pdf files of the reports for submitting to the acquiring bank from the Reports area after a successful scan Refer to Web Inspector PCI Reports for more details 2 9 1 4 Accessing the Self Assessment Questionnaire The PCI Data Security Standard Self Assessment Questionnaire SAQ is a validation tool intended to assist merchants and service providers who are permitted by the payment br
55. 013 11 00 PCiScan Executive Report Ij Report Charts repartis availaile Test device E all Addresses Non Compliant 01 03 2013 08 57 PCI Scan Executive Report ii Report Charts reportis availabe Www leiscoding com Non Compliant 01 03 2013 Vulnerability Report Execute Report fest Device EJ Compliant At the end of each scan Web Inspector PCI produces three types of reports e Executive Report Executive Reports provide an overview of the security status of multiple hosts allowing administrators to gain an overview of the health of their entire network Click here for More Details e Charts Page The charts page displays the scan summary and the bar graphs and pie diagrams indicating the proportions of vulnerabilities according to their categories Click here for More Details e Vulnerability Report Vulnerability Reports are a detailed overview of scans on a single IP Domain They include a prioritized list of the vulnerabilities found expert remediation advice and thousands of cross referenced online advisories Click here for More details Tip The vulnerability reports and the PCI Compliance reports can be converted into pdf format by clicking the link Print in PDF from the Additional Actions area as shown below Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 101 Creating Trust Online Comodo Web Inspector Administrator Guide COMODO Additional Actio
56. 4 hips 443tcp SSL Procol Create from admin internaci Appepted Usage Filtering Options The administrator can filter the listed false positives based on the scan type and status e Click the drop down arrow beside View to select the false positives based on scan types To view the false positives submitted for PCI scans select PCI e Click the drop down arrow beside Status to select the false positives based on its status The following table provides description of information columns in this area Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 116 Comodo Web Inspector Administrator Guide COMODO Creating Trust Online j A f a f il f Column Description ID The identity number of the submitted false positive Expiration Expiration date of the scan Date Host The IP Domain for which the vulnerability was detected and submitted as false positive Port The details of the port in which the vulnerability was found Plugin Details of the HackerGuardian Plug in used to test for a specific vulnerability Notes Notes entered by the administrator at the time of submission Status Indicates the review status or whether accepted or rejected by the Administrator or the Comodo support team after validation Reason The reason for accepting or rejecting the false positive 2 9 8 Purchasing Additional IP Packs The Web Inspec
57. 55 172 16 12 prefix 192 168 0 0 192 168 255 255 192 168 16 prefix How many concurrent scans can run The number of concurrent scans you can run is 10 of the number of IP s covered by your license and the maximum number is 25 For example if the number of IP addresses covered by your license is 50 you can run five concurrent scans on different IP s How many ports does each service test Different level of services will allow for different total numbers of ports to be scanned If you use the Scan Control service you may define ranges of ports to be scanned within the Set Options page in the Port Range field Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 120 Comodo Web Inspector Administrator Guide COMODO Creating Trust Online j A f a f il e The PCI Scan Control Service scan tests up to a total of 65 535 ports the total number of ports available on your system e The Daily and Free services will scan the first 15 000 ports on your system This is a targeted selection of the most commonly used and commonly attacked ports Note that most services run on the reserved ports below 1024 and security industry experts agree that these are the most commonly targeted ports In some circumstances it will be beneficial to test all 65 535 ports but administrators should be aware that this will lengthen the scan time have changed my
58. 62 hrovskyinfor unlimited URLs The website ownership has not been vented Ownership Yanficahon Remove hitevbuqgerme comy unlimited URLs Scanning TrustLogo Manage Report Remove X e Click on the TrustLogo link to find the details Or e Click the TrustLogo Status link in the General Website Configuration screen G Beum bo List orwWebsites Setup TrustLogo for the website http ads aceweb net The Weblnspector TmstLoge is disabled will mot be shown on your website Your website did not pass the last Webinspector scan See Details e Click the See details link to view the detailed report of the infection Refer to the section View Detailed Reports of a website in Web Inspector Scan Reports for more details After remedial action has been taken and during the next WI scan if the website is found to be safe the WI TrustLogo will be enabled again 2 4 Managing Your Account The My Account tab in Web Inspector enables you to view your account details change your login password add more websites renew your subscription and create a new account To manage your account click the My Account tab in the WI interface The details of your subscriptions will be displayed Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 38 Creating Trust Online Comodo Web Inspector Administrator Guide COMODO English Ww se hat with us Now Call
59. 8 x Add Free F Addressesibaomalins 17 Add IF Addresses Domains Add Multiple Addresses 2 Enter the new IP addresses in the Add IPs or Domains text box and click Add button beside the textbox 3 Click Save To remove an IP from a device 1 Open Edit Interface as explained above 2 Click the X button beside the IP address and click Save To move an IP to another device e Remove the IP from the device in which it is existing and add it to the destination device To remove a device 1 Open Edit Interface as explained above 2 Click the Delete Device button and click Yes in the confirmation dialog Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 73 Creating Trust Online Comodo Web Inspector Administrator Guide meee Warning x A Do you really want to delete the entire device 2 9 4 3 How to Install the Agent Note The Web Inspector PCI is powered by Comodo HackerGuardian technology and uses HackerGuardian Agent software for internal scanning purposes The HG Agent software is available in three formats e ISO image To create a Live bootable CD for configuring the agent on a physical machine e Zip file To create a Live bootable USB stick for configuring the agent on a physical machine e VMware Player Version of the agent designed to run under VMware Player Installing and configuring the agent on a physic
60. COMODO Creating Trust Online Ww Comodo Web Inspector Software Version 1 0 Administrator Guide Guide Version 1 0 010215 Comodo Security Solutions 1255 Broad Street Clifton NJ 07013 United States coMoDOoO Creating Trust Online Table of Contents 1 DOVE TIED io Comodo Web IS tO cs a 4 2 ke Admins mative MioraCE ciana en er ere orn Renner ANAA TEANNA EARTE NASN KAE y vere 5 2i LOONE TO TV CIM SEIS WAS aoe iiaiai a a NE E E 6 2 2 Adding Websites for Daily Blacklist Monitoring and Malware Scanning ccccssscssecssesssecsssscsseessecessessssessseeseecesersaesees 7 Zo Manada WenS tS IN VCO MoNeta iini Ee 13 2 3 1 Removing a Website from Daily Blacklist Monitoring and Malware Scanning ssssssssnsssnsnsrsnsnsrsnsisrnrnenersennns 14 ae VENNO LASI Scanned V REDONE sensara naa aaa a E EEE OE EOE a ea a i aE a 15 FMI ne W b00 TO TOW NoD E ninie iaa deiae aiaa 16 NT E EEEO mca A A AANE O EAA A A E TAE O A AA 17 L G i CONTOU O aina a a a eE E 20 Pr eo ae aE E Eo Ne E E N A AAEE ETT 21 2 3 5 2 Changing WI Notification Recipient Email ACOreSS ccccesssssssssssessssseserssssesssercessesersaeseseeeseesseeserssatsas 22 BF VE Ny ot OIG SE ENE A eps ea bowers os sarhod A A E EEE 23 Bp Fel Fg VS A A E ad dacs E E E S T A E EE 32 TES E L eLO o o E seb ances A E E E A A AEE AE eaes 33 2 eo POON VISE LOG 1O VOU VSI SING a O daaaionteinsarianeanailenininidecnaniatnipetaauias 36 2A Managing YoUr
61. Charts Page is given below Overview Schedule Reports My Account SAQ Help Logout Scans False Positives Tracker Charts page Additional Actions Device name Test device Secwity Security Security IP Address Domain scanned Total an ae Back to All Reports weer letscoding com o 51 52 103 IP Address Domain Top 5 Risk Categories Weve leiscoding com General 103 Scan History Yarnings i 01 03 2013 12 14 01 03 2013 07 41 Holes Warnings oe weak agii Summary The summary table provides the list of IP addresses Domains pertaining to the device scanned and the number of Security Holes Security Warnings and Security Notes identified in each IP Domain Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 106 Creating Trust Online Comodo Web Inspector Administrator Guide COMODO Fi f Device name Test device Security Security Security Holes Warnings Notes Total IP Address Domain scanned Wry ETS COdINg com 0 5 A 103 IP Address Domain Top 5 Risk Categories We Tats coding com General 103 Scan History The scan history section contains bar graphs and pie diagrams indicating the proportions of vulnerabilities according to their categories Vulnerabilities by Host A graphical representation of the information regarding the security holes found security warnings and security notes per host Each
62. Code Note Fields marked with are mandatory e f your Billing address is same as the contact information leave the checkbox The same as Contact Information under Billing Information selected Else uncheck the option and enter your billing address e Select your payment mode in the Payment Options section and enter the required details in the respective fields Sees The Same as Contact Information Lie elderly Se A Oa TA TO TESI A Shariah iat ped deh 2 A proce ere pacers AETA a etn se ne eee veer gt AETI RER Binh 3 Be a ek ease sie se ad a re omm 24 Sees aS Spree ee ete Bee ee sai Sree Bee EE See Bes aE sae Seas aS oe SE eee Pe eee eae Sei E RE GRE eee a Ee age eae S ELLERT Credit Card Details Credit Card Humber Select my Credit Card Security Code Hame exactly as it appears on your credit card Expiration date December F _ e Select the Yes checkbox in the Communication Options section for updates about Comodo products e Read the User License Agreement and accept to it by selecting I accept the Terms and Conditions checkbox Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 43 Creating Trust Online Comodo Web Inspector Administrator Guide a a communication Options Yes Plaase keep me informed about Comodo products upgrades special offers and pricing via email Your
63. Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 27 A ma A Comodo Web Inspector Administrator Guide COMODO Creating Trust Online P f ai a i A Report for http tunapeyzaj com This is a high nisk site Malicious Activity Details Scan Time 2013 04 01 13 30 44 UTC Checked URLs Nerow repor dispicyin MENEE URL Result URL Details http Whar un apeyes COMmans Sayla peve High Risk Malicious activity detected Print report Mark As FP hitb vate Nap eye COMA ra pron High Rizk halichous activity detected Print report Mark As FP tip eae napa conunnerak ettikler High Risk Malicious activity delected Print report Mark As FP Q http Munaparzaj cor High RiSk POTEA activity detected Frini repari Mark As m D hthp eww tunapeyzajcomimerak ettikler High Risk Malicious actrity detected Printreport Mark As m O ENANA A er Migh Risk Malicious acy detected Pen report War As FP Clicking the Malicious activity detected link will display the report for that particular page Report malicious details This is a high risk page http Avww funapeyzaj com ana sayfa peyzaj 2 Result for 2013 04 01 13 30 44 UTC Malicious URL behaviour was detected E High Suspiciows Code Found by Antivirus Engine Click the Print report link to take a print of the report for that page If you are sure that a page listed in the report
64. Creating Trust Online Comodo Web Inspector Administrator Guide COMODO j f x v d 1 Scan Information Provides information on the Company name of the subscriber scanning vendor Comodo CA Ltd date of scan and the scan expiry date 2 Component i Provides an at a glance indication of PCI Compliance status of your systems Compliance Summary 3a Vulnerabilities noted Provides details on types of vulnerabilities identified for each IP address with their for each IP address severity level CVSS base score and compliance status If no vulnerabilities with a CVSS base score greater than 4 0 named security holes in Web Inspector PCI are detected then the scanned IP addresses hosts and Internet connected devices have passed the test and the report can be submitted to your acquiring bank lf the report indicates Fail on any of the IP address then the merchant or service provider must re mediate the identified problems and re run the scan until compliancy is achieved 3b Special Notes by IP Provides any special details or notes of the vulnerabilities found and any special Address declarations given by the subscriber Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 104 Creating Trust Online Comodo Web Inspector Administrator Guide COMODO f a Ji 2 j lf the Component Compliance Summary section of your Web Inspector PCI Exec
65. E All Addresses Non Compliant 01 03 2013 08 57 PCI Scan Executive Report ii Report Charts i targel s coum 2 ll wi letscoding com Non Compliant 01 03 2013 08 57 PCI Scan Vulnerability Report Ro iest The Administrator can also download a Report Pack containing the pdf files of the reports for submitting to the acquiring bank from the Reports area after a successful scan Refer to Web Inspector PCI Reports for more details 2 0 4 Internal Scanning The Internal Scanning feature allows customers to run Web Inspector PCI vulnerability scans on computers located on a local area network LAN These computers are typically inside the company s private network and are protected by a perimeter firewall or other network security device Note The Web Inspector PCI is powered by Comodo HackerGuardian and so WI PCI will be accessing HG technology wherever required In order to run an internal scan the administrator must first install and configure the HackerGuardian HG internal scanning Agent on the local network Once installed and configured this Agent will establish a secure connection to a HackerGuardian Access server which will in turn establish a secure communication channel connection to a HackerGuardian scanning server The scanning server will then be able to connect to and run scans on the local computers located at the IP addresses that have been specified as Local Devices in Web Inspector PCI The Agent software is available as
66. Executive Report button beside the device name from the Device List area to view the report An example of an executive report is shown below Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 102 Overview Schedule Reports My Account SAQ Logout Scans Executive Report Scan Report Executive Summary COMODO Creating Trust Online Part 1 Scan Information Scan Customer Company est ASV Company Date scan was completed Scan expiration date Part 2 Component Compliance Summary IP Address wwwletscoding com Part 3a Vulnerabilities Noted for each IP Address IP Address Vulnerabilities Noted per IP address level Score Severity cvss Compliance Additional Actions T PrintinPor Back to All Reports Pass w Fail Exceptions False Positives or Status Compensating Controts Noted by ASV for this Vulnerability www ietecodina com SSL Self Sianed Certificate lv ffx 2144fcp Whe teu 64 Fal ww letscodina com SSL Certificate Cannot Be Trusted www 20964cp Medium 54 Fal wyrw letscodina com SSL Self Sianed Certificate www 2087 cp Modum 64 Fal www ietscoding com Backported Securty Patch Detection SSH ssh Low 00 Pass 9090Acp Consolidated Solution Correction Plan for above IP address Purchase or generate a proper certificate for this service Configure SSL TLS servers to only use TLS 1 1 of TLS 1 2 if supported Configure SSL TLS serve
67. Guardian sub menu contains the options for configuring various HackerGuardian VPN authentication settings Selecting the HackerGuardian agent first opens a Login dialog C 0 M 0 D 0 HackerGuardian YPN Agent HackerGuardian authentication Please check your login password and device name are correct and match your HackerGuardian account Use lt TAB gt lt UP gt and lt DOWN gt arrows for navigation Login Passuord Device Name e Type your Login name Password and the device name as you registered in the HackerGuardian website C O0 M 0 D 0 HackerGuardian YPN Agent status HackerGuardian agent menu view agent log file help info Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 81 Comodo Web Inspector Admini trator Guide COMODO Creating Trust Online The options available are e Set Change Authentication Values e View Agent Log File e Help info Set Change authentication values The VPN connection values of Login Name Password and Device name can be changed by selecting this option This is useful when you have configured the agent on one device and wish to quickly running the scan on another pre registered device C 0O 4 0 D 0 HackerGuardian YPN Agent status HackerGuardian authentication Please check your login password and device name are correct and match your HackerGuardian account Use lt TAB gt lt UP gt and lt DOWN gt arrows for
68. In this page you can view the details of Comodo products that you have purchased in the past Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 48 Creating Trust Online Comodo Web Inspector Administrator Guide COMODO a r To view your purchase history e Click Purchase from the right hand side pane in the My Account interface Weblnspector Wy Account Help Contacts Product Title Vebinspector S00 URL license Trustloga i VALID Orders Change Payment Method CAM vw5 3 10721 The page displays the details of products that you have purchased and also allows you to view the orders and change future payment method e Click the Orders link to view all your product orders and their details e Click the Change Payment Method to change credit card details for future payments that will be required while purchasing Comodo products or renewing existing subscriptions 2 4 3 Help Clicking the Help tab takes you to Comodo s searchable knowledge base and troubleshooter at https support comodo com Comodo Kayako SupportSuite Help Desk Software Microsoft Internet Explorer Sele File Edit View Favorites Tools Help id address 48 https ftsupport comodo com Gs COMODO Creating Trust Online Comodo Saas Home Support Center
69. List area displays a list of devices added to Web Inspector PCI and provides an at a glance summary of the status of each device This area also allows the administrators to create a new device edit a device add IP s to a device and open device reports Click here for more details Account Status Information Area The Account Status Information Area displays the number of remaining scans and free IPs Domains deserved by the administrator and also allows the administrator to purchase the service for more IPs Click here for more details 2 9 1 2 Running Your PCI Scan Comodo Web Inspector PCI features a built in Setup wizard for PCI scanning that provides the fastest and easiest way to add devices and to commence a PCI scan The wizard is accessible from the interface after you login to your account 1 Logging in to Web Inspector PCI To login in to the WI PCI interface click the PCI Scanning tab in WI main interface English Ww Senator Chat with us Now Call us 1 B88 266 63 repect Detect Protect You will be taken to the Web Inspector PCI login page at https pci webinspector com sas login jsp Ww Ponad Inspect Detect Protect z Login to Web Inspector PEI Llsername PO Password eles e Enter the same credentials that you are using for Web Inspector and click Login After your username password has been verified you will be logged into the Web Inspector PCI administrators interface Co
70. Online AlIPCIReports Selle File Edit View Favorites Tools Help ae je Back gt wa gt Search Kee Folders AttestationScan compliance Adobe Acrobat Document 5 KB l A Y asy feedback _Form_ _client File and Folder Tasks ah DOC File 103 KE mij Rename this file Moe iy Moye this File Executive Surnmary gt YulnerabilityDetails ace a Adobe Acrobat Document Adobe Acrobat Document A Copy this File L E KB SKE g Publish this File to the Web E mail this File E Frint this File gt Delete this file Other Places m 22 11 10 My Documents ig My Computer These scan reports should be submitted to the acquiring bank or payment bank according to their instructions to demonstrate compliance Also the report pack contains an ASV Feedback form to be filled up and sent to the PCI SSC at asv pcisecuritystandards org as a feedback for the scanning service provided by Comodo the Approved Scanning Vendor 2 5 7 8 Tracking Status of Submitted False Positives Web Inspector PCI allows the administrator to track the status of the false positives submitted from the Reports area To view the status click the False Positives Tracker link from the Reports area Web Inspector PCI CVEMAew Schedule My Account SAQ Logout Scans False Positives Tracker Report Packs False Positives View All False Pootwes i Status Al Simiuses kea 10 7 Expiration Date Host Deprecated fod 38 104 60 25
71. Scheduled Scan management interface click on the Schedule tab in the Navigation bar Web Inspector PCI Schedule Reports My Account SAQ Schedule Scans Schedule fable Shows all upcoming scans and cumenti recumng schedules T E p Accmmi Status IP Addresses Scanning Schedule Scan Type Scans Lett AddressesiDomains Lett Test Device OpenviClose tlontivh c es Domain 1 Addresses Starting 04 17 2013 PCI Scan Delete Ai TOL Timezone 0 GMT Order more Addresses Add Hew Schedule The Scheduled Scans area displays the list of existing schedules The following table provides description of information columns in this area Column Description Device Displays the name of the device upon which the scan is scheduled IP Address Displays all the associated domains e g www domain com or IP addresses that administrator specified for the device Click the button beside Open Close to view the list of IPs and the Domains scanning Schedule Displays a summary of the scan schedule including details on recurrence period start time etc scan Type Displays the selected scan type Action Enables the Administrator to remove the schedule 2 0 6 1 Adding a New Scan Schedule 1 Click Add New Schedule The schedule options will be displayed 2 Select the type of scan to be run as per the schedule from the Select scan type drop down box Comodo Web Inspector Adm
72. Sorting Reports based on Search Keys You can filter the entries in the list to show only the results of particular website s by sorting the results based on search keys Enter the search key partially of fully in the text field beside Filter and click the Filter button e Limiting number of entries per page You can limit the number of items displayed in the False Positive screen by selecting the option from Display drop down at bottom right This False Positive list will be stored in Comodo servers and will not be reported as malware infected or suspicious page s after the next scanning process Click Remove if you want to delete this page from the list After removing a page from this list if Web Inspector detects any malware during the next scan it will be reported again as infected page in reports 2 3 5 5 Scanning Options Web Inspector allows you schedule your daily scans change the user agent name that will be used to scan your website and specify a particular page or pages that you want To configure scanning settings for a specific website click the Manage link at the right side in the row and click the Scanning Options link in the General Website Configuration interface Management of the website http tunapeyzaj com Seneral Website Configuration 3 Q Disable Wwebsite Change Email Reports False Positives otanning Options g The Website Scanning Configuration Options screen will b
73. The wizard is a four step process where you have to register select the SAQ type and complete the questionnaire The final step provides the summary of SAQ Your progress is automatically saved after each question allowing you to log out and return at a later date to complete the questionnaire Your free account and responses are retained giving you an opportunity to revise and modify any of your answers This also allows you to update schedule and track the progress of outstanding remediation tasks 2 9 2 PCI Scanning Service Infrastructure The streamlined web based main management interface provides easy access to all the functions of Web Inspector PCI The navigation bar at the top has tabs to access different functional areas to add new devices initiate scans view reports schedule scans modify your account and scan settings etc in simple steps The account status displayed in the right pane informs your remaining scans remaining IPs Domains that you deserve and also enables you to purchase the service for more IPs and Domains Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 59 coMoDOoO Creating Trust Online Web Inspector PEI Ona ie Scheduip Reports My Acc oun bs Legeut Acco Sats PEI Scan Stats Man Camplamt 04 11 2013 12 05 Scans Let 5 Addressesilioenalns Len Device Dashboard Onder more Addr tset Holes Wamingr Mgkaf
74. Trust Online Comodo Web Inspector Administrator Guide COMODO STeInspector My Account Help Contacts Contact Us In Marth America 1 5685 766 6351 r 1 703 581 6361 All other countries 44 03161 674 7070 Emait salessicomodo com Email us at support Peomecdo com or use the telephone number provided when you placed your order Validation Departivent if You are required to submi corporale documents tor validations purposes please mail toc Validation Department Comodo Security Services Jrd Floor 26 Ortice Vilage Exchange Quay Trafford Road Salford Manchester WS JES Uk You mary also submi your documents by email or face ta Email docs comodo group com US end Canadian Fax 1 866 691 5837 international Face 1801 03 9291 For EV Extended Validation SGC SSL Certificates onkh Email evdocs i comodo com US and Canadian Fax 1 666 446 7704 international Face 1 8071 303 9359 Business Development Strategic Partnerships if you would like to discuss a Business Development or Strategic Partnership please contact us at busedewPcomoda com Affiliate Partners if you would like to discuss Partner or Affliate opportunities please contact us at busdewicomodo com Existing Affiliates Partners If you are a Web Host Reseller Program Member webhostsuppornti comodo com If YOu are Reseller Program Member reseller supporhdcomods com CAMI w 44 1430 The Contact Us page contains telephone nu
75. ained in the Device has hidden webpages which are not linked from any other active page Then the crawler will not be able to find them and include them for scanning These hidden pages are to be scanned Web Inspector PCI allows you to manually add them to the device for scanning To access the PCI Settings area 1 Switch to My Accounts area of the Web Inspector PCI interface 2 Click the PCI Settings link in the My Accounts area Web Inspector PCI Overview Schedule Tita My Account Account lWornation Ainail Alerts Custan Settings PCI Settings PCI Settings Initiate the PC settings The final URL consists of Address Start URL Hidden URL For example inyaddress conmstantul hidden Start URL has zero ore hidden URLE Don t repeat stan VAL value in hidden URL input box Hidden URL starts from Don t part al the end of start URL TOU can see Tu URL by pointing cursor of your mouse over the concrete hidden URL OF F Target selection Device Test device bi Adkiress w lets coding corr Start Url selection Hidden Un Selection fhiddenurl SavejAdd starturl PC Scamming Options The following setting determines the number of checks we perform in parallel lf too much load is placed on your infrastructure reduce ihis Setting to Slows Parallel checks value is used forall PC scans li doesn coupled wilh any concrete URLS o High amp Parallel Checks o Medium 4 Parallel Chacks default
76. al machine requires you to create a Live CD or Live USB Download the VMware version if you wish to run under VMware player To create a Live CD e Download the iso image file comodo_1 0 iso from http download comodo com hg comodo_1 0 iso e Burn a CD with the iso file The Live CD is successfully created and you can install and configure the agent on any local target device in your network and added to LAN Device Management area of Web Inspector PCI All you need to do is to boot the device through the Live CD To create a Live USB e Download the zip file comodo_1 0 zip from http download comodo com hg comodo_1 0 zip e Plug ina USB memory drive minimum 64MB gt 128MB is preferred pre formatted with either FAT16 or FAT32 file system Note USB drive must be formatted and contain only one partition with no hidden partitions For UNIX Linux systems e Unzip comodo zip on the USB drive it must be mounted somewhere like mnt usb ex mount dev sdb1 mnt usb e Type cd mnt usb boot amp amp chmod R x e Run sh bootinst sh and follow instructions e Type umount mnt usb For Windows XP 2000 Vista systems e Unzip comodo zip on target USB drive it must appear as drive letter ex G Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 74 coMoDOoO Creating Trust Online Extraction path and options Lo General Awe f ig 7 i a ae
77. ands to self evaluate their compliance with the Payment Card Industry Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 58 Creating Trust Online Comodo Web Inspector Administrator Guide COMODO Data Security Standard PCI DSS Comodo has simplified this often confusing process with the Web Inspector PCI Compliance Wizard an intuitive web based application guides merchants through every step of the PCI Self Assessment Questionnaire Each question is accompanied by expert advice to help the merchant interpret and appropriately answer each question At the end of the wizard you will find out immediately whether or not your answers qualify your organization as PCI compliant The wizard will provide e A Questionnaire Summary Listing security control areas on which you failed compliance e A custom Remediation Plan for your company containing e A comprehensive list of remedial actions that you need to take to attain full PCI compliance e Aremediation planning tool enabling task prioritization and project management e Links to recommended products and services that will help you cost effectively resolve non compliant areas e A ready to submit PCI DSS Self Assessment Questionnaire To access the wizard e Click the SAQ tab in the Navigation bar of the Web Inspector PCI interface Web Inspector PCI Schedule Reports My Account SAG Web Inspector POI Overview
78. ase select the method you prefe File Upload Upload a special file to your webserver meta Tag Add a meta tag to your home page administrative Email Confirm a code sent via email to the domains administrator ONS CNAME Enter a code into your DANS CNAME record Please add a DNS CNAME record for your domain The hashes are to be entered as follows 9563 5daabSed eb 489c1e9bSasl le example com CHAME wi 23a1 3084cd2b256e7 as63a2 i c9b11d6e1 webinspectorcom Please take care to include the period atthe end of each TLD This is required to make the entry fully qualified Click Werf fo begin website ownership verification e Copy the hashes from the text box and paste it into a note pad The hash values must be entered as a DNS CNAME Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 19 Creating Trust Online Comodo Web Inspector Administrator Guide COMODO Fi A f a f a j record for your domain e Once this is done click the Verify button to initiate the verification check e Comodo will check for CNAME to prove domain control e After successful verification Manage and TrustLogo links will become available for that domain Note the availability of TrustLogo link depends on your subscription type 2 3 9 General Website Configuration The General Website Configuration interface allows you to manage a selected website from the lis
79. at a time Select the network adapter through which you want the scan to be performed and select OK C 0 M 0 D 0 HackerGuardian VPN Agent network card Select network device to configure and to use for conmections Interfaces names are usually this eth0 ethx wired ethernet wlan wlanX wireless client Wlanmaster wlanmasterX wireless master The connection mode configuration dialog appears The available choices are Static IP address and DHCP Select the mode in which the device is connected Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 78 Comodo Web Inspector Admini COMODO Creating Trust Online C 0 M 0 D 0 HackerGuardian YPN Agent ethO mode Select connection mode st STALIC e hep configure wired network by DHCP protocol Cance l gt In the next dialog set the parameters for the selected connection The agent detects the default parameters of the device and displays them Only change the values you wish to change and select OK Use up and down arrow keys and the tab key for navigation C 0 M 0 D 0 HackerGuardian VPN Agent eth static ip params Please provide data for static IF tld 192 168 0 1 255 255 255 0 192z 168 0 254 Nameserver 192 168 0 254 lt Cancel gt If you are satisfied with the above configurations select Apply in the next dialog Comodo Web Inspector Administrator Guide 2015 Comodo Secur
80. at any time Following successful completion of the questionnaire merchants will be provided with official certification that can be submitted to their acquirer Where can find a PCI Approved Scanning Vendor capable of providing quarterly PCI vulnerability scans Right here Comodo Web Inspector PCI offers a range of PCI compliance services designed for merchants and service providers of all sizes Click here to find out more What s the deadline for compliance When must begin using the new PCI standards The Payment Card Industry Standards Security Audit Procedures Self Assessment Questionnaire and Security Scanning Requirements are effective immediately What are the penalties for non compliance with the PCI standards Validation and enforcement is the responsibility of the acquiring financial institution or payment processor For each instance of non compliance these organizations levy various penalties onto merchants and service providers which can include e Increased transaction processing fees e Fines of more than 500 000 for serious breaches Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 124 Creating Trust Online Comodo Web Inspector Administrator Guide COMODO e Suspension of credit card transaction processing abilities Comodo Web Inspector provides a range of services that make PCI compliance easy Find out which service is right for
81. ate the identified problems and re run the scan until compliancy is achieved What if fail the PCI scan lf your Web Inspector PCI Scan Compliance Report indicates NOT COMPLIANT then vulnerabilities with CVSS base score greater than 4 0 were discovered on your externally facing IP addresses The accompanying Audit Report contains a detailed synopsis of each vulnerability prioritized by threat severity Each discovered vulnerability is accompanied with solutions expert advice and cross referenced links to help you fix the problem You should fix all vulnerabilities identified as a Security Hole Furthermore each report contains a condensed PCI specific Mitigation Plan a concise bulleted list of actions that you need to take to achieve compliance After completing the actions specified in the Mitigation Plan you should run another scan until the report returns a COMPLIANT Status Where can find and complete the Self Assessment Questionnaire Web Inspector PCI provides a free wizard that guide merchants and service providers through each stage of self assessment questionnaire Merchants have to answer all questions with Yes or N A to be considered PCI compliant Answering No to any question means the merchant or service provider is not compliant The risk s identified by the questionnaire must be re mediated and the questionnaire retaken After creating a user name and password merchants can save their progress
82. available for that domain Note the availability of TrustLogo link depends on your subscription type Administrative Email Web Inspector will check the WHOIS database and send a validation code to the email address of the domain administrator Website ownership verification Before Web Inspector can start scanning your website we need to verify your ownership of ihe website Choose a method of website ownership There are four ways you can verity website ownership Click any of the choices to read step by step instructions for that method Please select the method you prefel File Upload Upload a special file to your webserver O deta Tag Add a meta tag to your home page O Administrative Enmall Confit a code sentia ermall to the domains administrator Web Inspector will attempt to retrieve an administrative contact email address from your WHOIS record for the domain example carm lt an address can be found an email will be sent to this address The email will contain a unique validation code This should be copied and pasted into the relevant website ownership page on Web Inspector Click Verify to begin website ownership verification ONS CNAME Enter a code into your DNS CNAME record e Click the VERIFY button e Web Inspector will check for the administrative contact email address for the domain and if found in the WHOIS database will proceed to Step 4 e Click the SEND EMAIL button The verificati
83. ay in the list Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 35 Creating Trust Online Comodo Web Inspector Administrator Guide COMODO Jita eLis mi for whee website Losin AEREI com b Inspector wall bro your aie looking tor links and t scan hose pages eb Inspector does not ing a page ihat vou need to be scan please add i here The URL has been added into the required list Enter URL here Marrow WAL displaying Np aa Due ye S COM COMentUpl Date Accepted 2019 04 16 08 47 41 UTC Disable URL Remove hip wear tunapeyza conWuYgulaMa Omeb Date Accepted 2013 04 16 08 36 17 UTC Disable URL Remove W You can disable a webpage from being scanned by Web Inspector Click the Disable URL beside the page entry that you do not want to be scanned and click OK in the confirmation dialog A message will be displayed that the monitoring has been stopped for the selected page desi nesta vidios tor the website Dpi REA an ygt lir tior will amp Our gile booking for links and then scan hose i eed Inspector does nat fnd a page thal you need io be scanned please add here al ai a APENDE Pas Ba The URL monitoring has been disabled Mo checking will take place Enter URL here Nanow URL displaying FILTER hipte tunapeyzaj comtap contentupl Disabled at 2013 04 16 08 50 25 UTC Enable URL Remove hth napeyzal corvuyguiama ormnek Date
84. bilities in successive scans because of the remediation actions taken at the end of each scan Each IP Domain in a device is indicated with a different color Pointing the mouse cursor over a bar in the graph displays the number of the vulnerabilities found in the respective P Domain in the respective scan This graph also indicates the administrator on the frequency of the scans and enables to check whether scans are being conducted according to their pre defined scan schedule Scan Time per Host A graphical representation of the time taken for scanning each IP Domain in the device Pointing the mouse cursor over a bar in the graph displays the time taken fr the IP Domain in hours Compliance per Host A graphical representation of the PCI compliance adhered by the IPs Domains of the device Pointing the mouse cursor over a bar in the graph displays the number of security holes warnings and false positives reported 2 5 7 4 Vulnerability Report A Vulnerability Report provides a detailed overview of scan results on a single IP Domain It includes a prioritized list of the vulnerabilities found expert remediation advice and thousands of cross referenced online advisories To view a Vulnerability Report of a IP Domain click the beside the respective device and then click the Vulnerability Report button in the row of the respective IP Domain Tip You can also click Vulnerability Report button beside the IP Domain name from the Device
85. boot record For G wait please Disk G should be bootable now Installation Finished Head the information above and then press any key to exit e Press any key to exit The Live USB Is successfully created and you can install and configure the agent on any local target device in your network and added to LAN Device Management area of HackerGuardian All you need to do is to boot the device through the Live USB To use the agent on a VM Machine e Download the zip file HGAgent zip from e Extract the file HGAgent zip to a folder of your choice e g C HGAgent e Start VMware Player by clicking Start gt All Programs gt VMware gt VMware Player e Alternatively open the folder where you have extracted the HG Agent through Windows Explorer and double click on the file HG VPN for VMplayer Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 76 coMoDOoO Creating Trust Online File Edt Yew Favortes Tools Help Cex te i P Search gt Folders it Address E DHG agentiHGAgent HG VPN For Mplayer HG YPN for YMplayer 1S VPN for Mplayver ase File and Folder Tasks e virtual disk Fae HMware virbual machine config Imi Rename this file ee ay Mowe this fie I Copy this Fie Q Publish this Fle to the web 3 E mail this file ae Delte this file Other Places 3 HGAgent Lj My Documents G Shared Documents ig My Computer J My Metwork Plac
86. bsite http buggerme com ebsites Cone figuratian B Disable Website Change Enail Repons False Posilives Scanning Opis TrustLoge Salus Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 22 Creating Trust Online Comodo Web Inspector Administrator Guide COMODO e Click the Change Email link The current email address will be displayed Change recipient email for the website http buggerme com Enter the email address at which you want to recieve daily vveb Inspector repons and nottications adminstrator buggerme com ADD EMAIL C Dont send me a daily Web Inspector reports and notifications by email e Enter the new email address in the text box and click the ADD EMAIL The email successfully changed message will be displayed Change recipient email for the website http buggerme com Enter ihe email address al which you want to recieve daily Web Inspector reports and notifications Recipient email has been successfully changed bob example com ADO EMAI Dont send me a daily Web Inspector reports and notifications by eral e Select the Don t send me a daily Web Inspector reports and notifications by email check box if you don t want to receive any notifications from Web Inspector 2 3 0 3 Web Inspector Scan Reports The Web Inspector Scan Reports are highly informative graphical summaries of the malware affected
87. bsite ownership has not been verified Oenership Veriicalon Remove E hfip beooenne comi unlimited URLS Scanned at 2013 04 11 00 00 28 UTE TusiLepe Manage Reporl Remove W hiipsiexample come unlimited URLS The website ownership has noi been verified Remove w hip wovekyinios unlimiied URLS Scanned at 2013 04 11 00 30 36 UTC TusiLegs Manage io Li Remove w hip iorday me comy unlimited URLs Scanning Manage Report i Remove W e Click the Ownership Verification link at the end of row of the website for which you want to validate the ownership The Ownership Verification page for the selected website will be displayed Ownership verification for the website http example com Before Weblnspector begins checking your website for malware we need to check thatyou own the website This is done by verifying website ownership Choose a method of website ownership There are four ways you can verii website ownership Click any of the choices to read step by step instructions for that method Please selectithe method you prefer File Upload Upload a special file to your webserver Meta Tag Add a meta tag to your home page administrative Email Confirm a code sent via email to the domains administrator DNS CNAME Enter a code into your ONS CNAME record There are four methods available for authenticating your website e File Upload e Meta Tag e Administrative Email e DNS CNAME File Upload You download a
88. by clicking Skip and Finish Setup link at the bottom Please refer to the section Validating your Website if you want to validate your website at a later time There are four methods available for authenticating your website e File Upload e Meta Tag e Administrative Email e DNS CNAME Website ownership verification Before Web Inspector can start scanning your website we need to verify your ownership of the website Choose a method of website ownership There are four ways you can verify website ownership Click any ofthe choices to read step by step instructions for that method Please selectthe method you preter File Upload Upload a special file to your webserver meta Tag Add a meta tag to your home page administrative Email Confirm a code sentvia email to the domains administrator ONS CNAME Enter a code into vour ONS CMAME record You may skip this step and perform it later using the Ownership verification link Back Cancel Setup Skip and Finish Setups File Upload You download a specific txt file which is to be placed on the root of your web server Comodo will run an automated check and verify domain control based on the presence of this file Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 9 Creating Trust Online Comodo Web Inspector Administrator Guide aon f j j a 3 Website ownership verification
89. category is represented by a different color Pointing the mouse cursor over a bar in the graph displays the count of the respective item found The graph enables administrators to gain both an overview of the overall of health their network and to monitor the security of individual hosts within that network Vulnerabilities by Severity A pie diagram representation of proportions of security holes security warnings and security notes found for the entire device Pointing the mouse cursor over a sector in the diagram displays the percentage proportion of the respective item found Security Holes by Category A pie diagram representation of proportions of security holes of different categories like Trojan Horses file R W exploits Remote Procedure Call RPC exploits etc found for the entire device Pointing the mouse cursor over a sector in the diagram displays the number and percentage proportion of the respective item found Security Warnings by Category A pie diagram representation of proportions of security warnings of different categories like Firewall exploits etc found for the entire device Pointing the mouse cursor over a sector in the diagram displays the number and percentage proportion of the respective item found Vulnerabilities Trend A graphical representation of the comparison of the vulnerabilities found in the IPs Domains of the device during the last five scans This gives the trend of the reduction in the number of vulnera
90. ctor Subscriptions 4 Search Create New Manage Subscriptions Product name License key Subscription ie Sites Uris 2 ek ae SOD URL license tne a aa ena 2013 04 04 en TE Renew View 1 Found CAR wis Gr r The Accounts page contains four tabs e Web Inspector e My Account e Help e Contacts 2 4 1 Web Inspector Area If you have subscribed for only Web Inspector service the details of your service will be displayed directly in this page If you have subscribed for more accounts such as Comodo Online Storage Comodo Internet Security etc you have to select the respective product from the drop down in the first tab named as Services The page allows you to e Search for your subscription e Subscribe WI services for more websites e Renew your subscription and e View your subscription details To search for your subscription e Click or select Web Inspector from the first tab in your accounts screen e Click the Search link at the top right side of the screen The Search Subscription page will be displayed Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 41 Comodo Web Inspector Administrator Guide COMODO Creating Trust Online Veblnsnector dy Account aji og aut Comodo Weblnspector Subscriptions Search Create New Manage Subscriptions Search Subscription x Subscription ID Expired At Date inoit baal w w to bel E iy aoe E
91. d Parallel Checks Text box Set the maximum number of security checks that will be performed in parallel This may be reduced to a minimum of one to reduce network load The maximum number of parallel checks allowed is 10 of the number of IP addresses in your account and not exceeding 25 To illustrate If your license covers 50 IP addresses you can run scans on five IP addresses concurrently Lesser the number of concurrent scans faster will be the process Optimized Test Check box Allows the scan to be optimized by only performing tests if information previously collected indicates a test is relevant When disabled all tests are performed Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 92 A m Pa Comodo Web Inspector Administrator Guide COMODO Creating Trust Online p Pt ae j Port Scanner Options Nmap NASL Wrapper Check box Runs nmap 1 to find open ports scan for La Breatarpitted Check box Performs a labrea tarpit scan by sending a bogus ACK and ACK hosts windowprobe to a potential host Also sends a TCP SYN to test for non persisting lebrea machines SYN Scan Check box Performs a fast SYN port scan by computing the RTT round trip time of the packets moving back and forth between host and the target and using the value to quickly send SYN packets to the remote host Netstat Scanner Check box Runs netstat on the remote
92. de pane enables you to change the details of the credit card s associated with your account The details of the credit card you used earlier will be displayed To add a new card click Add Credit Card and fill in the form with the details of the new card This will help in pre populating your credit card details when your are renewing your subscription purchasing additional online storage space or subscribing for other Comodo Products or Services Subscribing for Other Comodo Products and Services The User Details page under My Account tab displays the currently enabled services for your account and a list of other products and services available from Comodo at its bottom Enabled Services Weblnspector Shon Up to Afiliate System Sign Up to Comodo Online Storage sijn Up to Antispam Gateway Sign Up to Comode System Utilities Sign Up to Comodo Internet Security Sign Up to Endpoint Security Manager Sign Up to LoginPro Sign Up to Comode Network Center Sign Up to Trust onnect Last Ten Orders Orders Description Vveb inspector 500 URL licenses TrustLago Setup Fee Saa ee Tue 04 Dec 2012 CC visa 478941 1 n E Web inspector 500 URL license TrustLogo Monthly 15 30 06 0000 4242 Access Fee 2012 12 04 201 3 01 04 15 00 Processed Theta 4 Founeal e To subscribe for other Comodo products or Services simply click the corresponding link and follow the enrollment procedure Viewing your Purchase History
93. des severity rankings of Low Medium and High in addition to the numeric CVSS scores but these qualitative rankings are simply mapped from the numeric CVSS scores e Vulnerabilities are labeled Low severity if they have a CVSS base score of 0 0 3 9 e Vulnerabilities will be labeled Medium severity if they have a base CVSS score of 4 0 6 9 e Vulnerabilities will be labeled High severity if they have a CVSS base score of 7 0 10 0 Additional Provides CVE index of standardized names for vulnerabilities and other information security exposures Information BID numbers and other references to the vulnerability CVE aims to standardize the names for all publicly known vulnerabilities and security exposures Examples of universal vulnerabilities include e phf remote command execution as user nobody e rpc ttdbserverd remote command execution as root Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 109 Creating Trust Online Comodo Web Inspector Administrator Guide COMODO e world write able password file modification of system critical data e default password remote command execution or other access e denial of service problems that allow an attacker to cause a Blue Screen of Death e smurf denial of service by flooding a network Examples of exposures include e running services such as finger useful for information gathering though it works as a
94. ding WI Trust Logo to your Website e Validating your Website e General Website Configuration e My Account How to manage your account at Comodo Account Manager CAM e Web Inspector Area e My Account e Help e Contacts e PCI Scanning How to set up PCI scanning on your network e Starting up with Web Inspector PCI Scanning Service e PCI Scanning Service Infrastructure e PCI Scan e Internal Scanning e Account Preferences and Scan Settings e Scheduled Scans e Web Inspector PCI Reports e Purchasing Additional IP Packs e Web Inspector PCI FAQs Frequently asked questions about Web Inspector PCI e Web Inspector Services General FAQs e Web Inspector Services Technical FAQs e PCI FAQ 2 The Administrative Interface The main interface of Comodo Web Inspector WI allows administrators to have overall control of adding or removing websites for daily blacklist monitoring and or daily malware scanning configuring PCI scanning and to view the report results The image below shows the administrative interface after logging in Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 5 coMoDOoO Creating Trust Online inapti Detect Peobeci 8 web We inspector Chat with us Mow Call us 1 999 268 8981 Request a Callback Email List of Websites Manage your websites F httpwads aceweb net unlimited URLS Scanned at 2013 04 12 01 3042 UTC taeLoge Manage Repor
95. dvertised e inappropriate settings for Windows NT auditing policies where inappropriate is enterprise specific e running services that are common attack points e g HTTP FTP or SMTP e use of applications or services that can be successfully attacked by brute force methods e g use of trivially broken encryption or a small key space Each CVE name includes the following e CVE identifier number i e CVE 1999 0067 e Indication of entry or candidate status e Brief description of the security vulnerability or exposure e Any pertinent references i e vulnerability reports and advisories or OVAL ID Solution Provides expert advices on the action to be taken by giving a set of rules to be configured for the specific port service vulnerability This gives the best suited remediation measure for the vulnerability found 2 5 7 5 Mitigation Plan Web Inspector PCI will conduct an in depth audit of your network to detect vulnerabilities on your network and web server If your servers fail the test you will find lots of helpful advisories in the scan report that will help you patch the security holes Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 110 coMoDOoO Creating Trust Online Mitigation Plan You must underie the following remedial actions or provide us with the relevent information if you think the vulmersbilities are already patched or if co
96. e AEEA A EAA ONAA NAAT NAAA A EA A 70 Eo TOW PAGO A NOW DONO sesir E n eatwaisaesanssaplesnldeniineles 71 2 5 4 2 Internal Devices Man GRIME escanisnaincs cxsingitansdivandnccaniecraavisintenins tiaimcsctildntsitedantadeinaScirepventiuadnciunhetaantiniianannaenian 73 EDA OW O TS A iG 74 2 5 4 4 Configuring the AQeNt cccccccscsscssessssssssssescsscssssessseecsessessessecasseseessessusesseseesaesaeseseeseeseesaesasseseesaesaesaeegees 77 ee TV emi te AUT aE E ESEE E 80 ZO ABA HackerG ardian FCI oj si cotciwcrsssssasencaneurarsncriwmids yordadesdaan idyaanengeduasieaiainestennoneossensaatendusncieelaimasiaetiisadass 81 PAR PA o AE a E leas IE E ls cae A ne aes then gc E VA N EAA TA A A E esac 82 2 5 5 9 S6lBtt A Dovics Tor Sasson PROM Ch sia iatscieiccnstacassasti iene banedusncendateacidnadevsseuseraicasiecieteoeaies mun nemiacucs 85 Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 2 a re PEET eer E A E EI T A A A ONEA ANA 85 Pa OI oy e a A EE S E N EE EE E AE NA AT 86 A E et A ri E EEE EE E 87 2 5 4 7 Viewing a Dashboard Summary of Scan ROSIN ic sicc tccinacsisicoscadoneedecesnsnaacnseadescsdiudiwetedeavasaeeveidlamwameunenie 87 2 5 4 8 View Reports and Statistics a giichcs secsscueinncsoisncndirciicayctccerndtvn sud acsiebedbannsbnmssonsnasacuwonutdnensonausbebtininsaniananinidntenesdaiainiads 88 2 5 9 Account Preferences and Scan SSUWNGS casscsesscsrrachanacesrccsassnich
97. e Cona AFI 5 Why teen Eee for oom We want our users to feel safe when they search the web and we re continuously working to identify dangerous pages and to increase protection for our users Google uses automatic algorithms and user feedback to compile lists of sites that may be dangerous The two major types of dangerous pages on our lists are phishing pages and malware pages The lists of potentially dangerous pages are available to developers via the Safe Browsing API These lists cant perfectly protect users fram every risky site on the web and there is always a chance that a safe site could be misidentified as risky but we update the lists regularly to keep them as current as possible Phishing Phishing or spoofing is a type of attack in which a page asks you for your personal or financial information under false pretenses To learn more about phishing you can visit Antiphishing_orq f you believe that we re including a page on our list that is not a phishing page please send us a phishing error report You can also let us know about a phishing page if you find one that we ve missed MA 7 harm mm gp Internet Click the Return to Overview link to go back to the report summary page Clicking on the View Details link of other scanned activities will open the detailed report for the respective activity Some examples of detailed report are shown below Example of detailed report for Malicious Activity
98. e administrator for the specific device domain Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 90 Creating Trust Online Comodo Web Inspector Administrator Guide COMODO Device Select the Device for which you wish to receive the scan alert message from the drop down box below Device If you wish to have the alert message for all the devices select All IP Addresses Select the IPs Domains pertaining to the device selected for which you wish to receive the scan alert message from the text box below IP Addresses If you wish to have the alert message for all the I Ps Domains select All Options Select the event for which you wish to have email notification from the drop down box below Options 5 Click Add The entry will be added to the list under Email Alert Options 6 Repeat the procedure for setting email alerts for different types of scans and different devices e To remove an Email Alert entry simply click the link Remove in the entry as shown below Email Address Device IP Addresses Domains Options l ismith example com ALL ALL Contact me when a scan starts Global Alert Options e Contact me if have not performed a scan in 3 months Selecting this option instructs Web Inspector PCI to send a remainder message for an on demand scan to the Account Email address if the administrator has missed to perf
99. e device will be added to your Web Inspector PCI Account The device will be validated for PCI compliance on your first on demand scan and the status will be updated accordingly Address i Status Scan ype Action Subnets yP Test Device All Addresses biennial targets coun Zt alll Teast Device 7 All Addres EAS Conant 1 a 201 a Dey Piel ocan Executive Report Tal Repori Charts tar getis coum alll Test device EJ ali Addresses Scanning iii PCI Scan Cancai can tar getis coum A alll Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 72 Creating Trust Online Comodo Web Inspector Administrator Guide COMODO 2 5 4 2 Internal Devices Management The Device List area of the Web Inspector PCI interface provides the administrator with the possibility to the full complex of device management From here administrator can edit a device s details delete a device move a domain to another device or remove a domain from a device To access the interface for device management click the edit button beneath the device as shown below Address Subnets Stalus Scan lyp Action Test Device All Addresses hiennal targetis count Click here To add additional IPs 1 Open Edit Interface as explained above IP Addresses Domains Test Device IP Addresses Domains Delete Delete Device liternal 1 Addresses l E m 192 168 37 12
100. e displayed Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 33 Creating Trust Online Comodo Web Inspector Administrator Guide COMODO Scanning Options http tunapeyZaj com Website Scanning Configuration Options scheduler sergent Required URLS The scanning options available are e Scheduling your daily WI scans e Changing the name of user agent e Adding specific pages to be scanned manually Scheduling your Daily WI Scans Web Inspector allows you set the time of the scans for your websites To set the daily scan time click the Scheduler link in the Website Scanning Configuration Options interface Schedule start scanning time for the website http tunapeyzaj com OU may set the start tirme of dally Scanning your website Hour o 4 min 15 ure Select the hour and minute at which the scan should commence in the Hour and Min drop down boxes and click the Update button The Schedule has been successfully changed message will be displayed Schedule has been successtully changed The daily WI scan will commence at the newly scheduled time Click the Return to Scanning Options link to go back to the Website Scanning Configuration Options screen Changing the User Agent s Name This setting lets you determine the browser type that the Web Inspector agent uses to identify itself to your website When making a request to
101. e links below for detailed explanations on steps involved in the Internal Scanning e Create new device to enable Custom Internal scanning e Manage existing devices e Install the Internal Scanning Agent e Configuring the Internal Scanning Agent e Start Scanning an Internal Device e View a dashboard summary of scan results from a specific device e View Reports and Statistics Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 70 coMoODOoO Creating Trust Online 2 5 4 1 How to Add a New Device 1 Switch to Device List area of the interface 2 Click on button beside Add New Device in the upper pane as shown below a dd New Device Device Address Subnets Status Scan Type Action 3 Select the Local radio button to enable internal scanning on the device Start Scan Device Mami Test Device irena Continue Cancel Address Subnets i Scan Type Action 4 Enter a friendly name for the device in the Device Name text box and click Continue Important Note The Device Name specified in this field must exactly match the device name that you set for the Device while installing and configuring the internal scanning agent in the local network see Configuring the Agent and Using the Agent Main Menu for more details on set up and configuration of the agent 5 Click Add in the ne
102. e provider does not store cardholder data the PCI requirements still apply to the environment that transmits or processes cardholder data Are there alternatives or compensating controls that can be used to meet a requirement lf a requirement is not or cannot be met exactly as stated compensating controls can be considered as alternatives to requirements defined by the PCI DSS Compensating controls should meet the intention and rigor of the original PCI requirement and should be examined by the assessor as part of the regular PCI compliance audit Are there alternatives to encrypting stored data Stored cardholder data should be rendered unreadable according to requirement 3 of the PCI Security Audit Procedures document If encryption truncation or another comparable approach cannot be used encryption options should continue to be investigated as the technology is rapidly evolving In the interim while encryption solutions are being investigated stored data must be strongly protected by compensating controls An example of compensating controls for encryption of stored data is complex network segmentation that may include the following e Internal firewalls that specifically protect the database e TCP wrappers or firewall on the database to specifically limit who can connect to the database e Separation of the corporate internal network on a different network segment from production fire walled away from database servers W
103. e subscriber e ASV company name Name of the approved scanning vendor Comodo CA Ltd e Scan expiration date The expiry date of the scan for which the report was generated e Start Time The date and time at which the scan was started e Finish Time The date and time at which the scan was completed e Total Scan Duration Time The total time taken for the scan e Plugins Used The number of vulnerability plug ins deployed during the scan e Atable providing the number of Security Holes Security Warnings and Security Notes identified the P Domain Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 108 Comodo Web Inspector Administrator Guide COMODO Creating Trust Online e Alist of open ports detected on the IP Domain and their respective communication protocols and dedicated services Following the scan summary the identified vulnerabilities are listed with their descriptions priority the plug in that identified the flaw risk factor expert advices for remediation etc An example is shown below Security Warning found on port service Ww ffx 27144 cp Status Fail This must be resolved for your device to be compliant Phin SSL Certificate with Wrong Hostname Category General Priority Medium Priority SviIopsis The SSL certificate for this service ls for a different host Descrimtion The commonhame CN ofthe
104. eating Trust Online Comodo Web Inspector Administrator Guide COMODO 2 5 1 Starting up with Web Inspector PCI Scanning Service This section explains how to configure and run your first scanning task using the Web Inspector PCI Scanning Service Click the links below for detailed explanations e Introduction to the Interface e Running your PCI Scan 2 5 1 1 Introduction to the Interface The streamlined web based main management interface provides easy access to each functional area of the Web Inspector PCI Scanning interface M vig tion Bar Web Inspector PEI Ona pa Schedule Reports My Acc curd SAD Help Lagat Web Inspector PC Overview Acco Sates PC Scan Status Man Camplamt 04 11 2013 12 05 Scans Lert 5 Addressesilioenalns Lefi 2 Device Dashboard Onder more Adirtsers Warmngs Address Submets www protdtinepa Al All Addresses HomLampiket a 11 2013 1205 Pl Sea Executive Report Gj Report Charts Aree Hishom La dean si CMe Shabus Scan Type a all Navigation Bar The navigation bar contains tabs to access each major functional area e Overview Displays the Overview and Device List areas The Overview area provides the administrator with a summary of the last scan and serves as a launchpad for starting a new scan on the selected device As the name suggests the Device List area contains a list of all devices created and
105. ector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 54 coMoDOoO Creating Trust Online Web Inspector PCI Setup Wizard E E Schedule Reports My Account SAG g schedule Scans ecthedule table shows all uptaming scans and current recuming schedules Account Status IP Addresses Scanning Schedule Scans Left AddressesiDomains Lett 1 rder more Addi esses Add New Schedule Select scan type Pid Scan a Select Device s Tesi Davioe 2 Cs Select IP Addresses 106 162 195 201 Doinas Set Start Date 04 17 2013 Recurrence Options C Weekhy Monthly O Quarterly C Every days Set Start Tine 11 00 1 Select the device on which you wish to schedule the scan from Select Device s drop down box 2 Select the IPs Domain pertaining to the selected device from Select IP s box If you wish to scan all the IPs Domains select All 3 Select the start date for the scan schedule by clicking the calendar icon beside Set Start Date text box 4 Select the recurrence period e Weekly The scan will be performed once in a week on the specified day and time e Monthly The scan will be performed once in a month on the specified date and time e Quarterly The scan will be performed once in three months on the specified date and time e Every N days Scan will be performed once for every n days from the start date For example if you specified
106. ector PCI scans originate from are 208 116 56 32 28 and 91 209 196 32 28 Or 2 No services are available on the host and it is secure Scan Compliancy have a dynamic IP assigned by my ISP Can still use Web Inspector PCI No It is not possible to use the Scan Control Service unless you have a static IP received an email saying new tests were added but Web Inspector PCI still shows the old number How do add them Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 119 Creating Trust Online Comodo Web Inspector Administrator Guide COMODO Click the tick at the top of the plug selections to enable all new tests in the current scan This is explained in more detail in the Account Preferences and Scan Settings Does Comodo maintain any statistics about what of clients consistently a score of 0 on the High Risk threats Or what of all commercial servers would have this score Comodo does not maintain any sort of global statistics about the scan results we produce How do I upgrade from a trial account to the full version Upgrade PCI Scan Control Service Click My Account and in the Comodo Web Inspector Subscriptions screen click the Purchase More Licenses link Or Upgrade by buying the full version through this link http www webinspector com product_price php Remember to select Existing Customer and use your regular Comodo account username and
107. ed URLS 1 Created ak 2013 04 01 00 15 42 UTC Repon Remove nip sunapeyzalcon Malware Scanning Checked URLS 17 Created af 2012 03 31 00 16 58 UTC Rapti Remove hip wiunapeyza cori Malware Scanning Checked URLs 12 Created at 201 3 03 30 00 16 48 UTC Repoti Remove i hip iiunapeyzaj corri Malware Scanning Checked URLs 12 Created at 2013 03 36 00 16 42 UTC Repotcs Remove D h ptunapeyzal corm Walware Scanning Checked URLs 12 Created at 2013 03 23 00 16 32 UTC Repatii Remove W Ap unapeycal corr Malware Scanning Checked URLS 17 Created at 2201 3 03 77 00 16 38 UTC Repoti Remove W Q hiptunapeyraj cor Malware Scanning Checked URLS 12 Created ak 2013 03 21 00 16 41 UTC Reparti Remove W hip iunapeyzal corn Malware Scanning Checked URLS 17 Created at 2073 03 18 00 16 40 UTC Reporte Remove x http tunapeyza_ com Malware Scanning Checked URLS 12 Created at 2013 02 18 00 16 46 UTC Reports Remove W Display 20 items per page In the Reports area e the sites identified as safe and free from malware are highlighted in green e the sites identified as suspicious are highlighted in yellow e the sites identified as unsafe and containing malware are highlighted in red e the sites that produced inconclusive scan results are highlighted in gray The Reports of the website interface for the selected website allows the administrator to e Filter the Reports e View Detailed Reports of a website e Remove outdated
108. ed scan the results of a scan and the failure of a scan You can set your preferences for receiving the emails as you wish To configure email alert options 1 Switch to My Accounts area of the Web Inspector PCI interface 2 Click the Email Alerts link in the My Accounts area Web Inspector PCI Overview Schedule Reports My Account Account Information Email Alerts Custom Settings PEI Settings Email Alerts Email Alert Options Select email alen ophons for Lustom Scan Bmail Ackless eae IP Aci esses Duanana Ophions a All i Cortact me wher a ican starts vw au alobal Alert Options Go Contact me ifl have not perormed a scan in 3 months Contact me when neve vulnerability plug ins are added Contact me when the Report Pack is awaiting review Contact me ifa Report Pack issue is detected a E C Contact me when ihe thie Repat Pack is available L C Contact me ifthe Report Pack generation fails 3 Select the scan type for which you wish to receive the email notification from the drop down box beside Select Email alert options for Email Alert Options Select Email alert options for Custom Scan Email Address a IP 4 Select the preferences as given in the table below Option Description Email Address Enter the email address to which you wish to receive the scan alert message in the text box below Email Address This address can be different from the Account Email and can belong to th
109. emove W Manage Report Remove The list of websites added for daily WI scanning will be listed e Click the Remove link at the far end in the row that you want to remove the website hit demain Ji miimiieg l a WE i f i thee i Camnershig verhcathon Remove hip Vexennle conn milifnited URLS The Wwebsiie manership has not been rented Owiriers kil writes parore b G hto ites Es ria mlmied URLs Scanmed at 2013 04 10 001535 UTC Trustlogo Manage Report 3 Rerrncve X Pitty iro anria corri rulirriitend LRI Sga Manage Aapon Remon W e Click OK to confirm the removal 2 3 2 Viewing Last Scanned WI Reports The Web Inspector Scan Reports are highly informative graphical summaries of the malware affected status of enrolled websites WI Reports include e Scan reports of all the web pages of websites enrolled for Daily Malware Scanning e Scan reports of index home pages of the websites enrolled for Daily Blacklist Monitoring To view the last scanned WI Reports e Click Websites at the top of the interface The list of websites added for daily WI scanning will be listed Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 16 A f a n A Comodo Web Inspector Administrator Guide COMODO Creating Trust Online f H f hip Ndemaino ongi Shea L j i i I i hee Bi Ownershig Vernhcahon Remove hit Vesta 2 conn millirniitead URLs T
110. erniall every Gay wiih the status Of your Website There are multiple subscriptions available on your account Please choose the subscription to use for this site 5 gites with unlimited URLS O sitets with 4 URL limit and Webinspector trustLogo service i ry rh 20 site s with unlimited URLS and Weblnspector TrusiLogo semite i Cancel Setup e f you have multiple Web Inspector account subscriptions select the subscription package to which you want add the website and click the Continue button e Step 2 Enter the email address to which the Web Inspector reports and notifications will be sent daily setup Recipient Email Enter your email address to whith you will recene daily Weblnspector repons and notifications administratorstexample com ADD EMAIL Back CancalSelup Next gt e Click the ADD EMAIL button or Next You can review the entries or cancel the website add process by clicking Back or Cancel Setup respectively anytime during the process Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 8 Comodo Web Inspector Administrator Guide COMODO Creating Trust Online f Pr a Pa e Step 3 Website ownership verification You have to demonstrate ownership of the domain before WI can start scanning the website Note You can also choose to skip the website ownership verification at this moment
111. es The Agent starts on the VMware Player and allows you to configure it See Configuring the Agent for more details 2 0 4 4 Configuring the Agent To start the configuration boot the device through the Live CD or the Live USB Step 1 The agent starts building a list of block devices for storing the configuration files The agent detects hard disks USB memory drives and or other available block devices containing with live file system like FAT 12 FAT16 FAT 32 VFAT ext2 ext3 XFS reisrfs etc and proposes a list of valid devices for you to choose from Select a device to store the configuration files Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 77 Comodo Web Inspector Administre COMODO Creating Trust Online C 0 4 0 0 0 HackerGuardian VPN Agent device for session profile select a device to store config data Hitting lt cancel gt will use none This is pretty safe but small probability of loosing data remains If selected device already contains comodo save data it will be overwritten Cance l gt Step 2 The agent asks for a short description of the saved configuration You can give a short name description for the configuration Max 40 characters Step 3 The network configuration dialog appears to specify the network configuration settings The available network adapters are detected and displayed as a list Only one network adapter can be used
112. es If you wish to have the alert message for all the ns Ps Domains select All Alert Option Select the event for which you wish to have email notification from the drop down box below Options 2 Select the Global Alert Options e Contact me if have not performed a scan in 3 months Selecting this option instructs Web Inspector PCI to send a remainder message for an on demand scan to the Account Email address if the administrator Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 56 Creating Trust Online Comodo Web Inspector Administrator Guide COMODO has missed to perform a scan for three months e Contact me when new vulnerability plug in are added Selecting this option instructs Web Inspector PCI to send a notification email to the Account Email address whenever a new vulnerability plug in is added to Web Inspector PCI enabling the Administrator to deploy the plug in in future scans e Contact me when the Report Pack is awaiting review Selecting this option instructs Web Inspector PCI to send a notification email to the Account Email address whenever the administrator has attempted to download the Web Inspector PCI Scan Report pack by clicking the Generate Report Pack in the Reports area and the Report is under review by a PCI CSS approved staff of Comodo The Report will be available for download upon completion of the Review and appr
113. es now mean that businesses need to ensure that their websites are tested and are secure against all known vulnerabilities Furthermore organizations such as the Payment Card Industry PCI have introduced guidelines that make server vulnerability testing a mandatory requirement The Web Inspector PCI Scan Compliance service provides merchants with a fast low cost way of meeting the PCI scanning guidelines Is there a User Manual for Web Inpector There is an online manual at the following location http help comodo com topic 208 1 490 5111 Introduction to Comodo Web Inspector html Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 118 Comodo Web Inspector Administrator Guide COMODO Creating Trust Online j A f a f 2 6 2 Web Inspector PCI Services Technical FAQ e Do need to allow the Web Inspector PCI scanning IP address e signed up and got the following message No vulnerabilities were found and the host did not respond to any of our checks what does this mean e Scan Compliancy have a dynamic IP assigned by my ISP Can I still use Web Inspector PCI e received an email saying new tests were added but Web Inspector PCI still shows the old number How do add them e Does Comodo maintain any statistics about what of clients consistently a score of 0 on the High Risk threats Or what of all commercial servers would have this score
114. eside the text box IP Addresses Domains Test Device 3 IP Addresses Domains Delete Delete Device 1 Addresses Free IP testdomain corn x Add AddressesiDomains 2 Add IF Add AddressesiDomains Add Multiple Addresses Please check discovered components currently out of scope 8 The IP s Domain s will be added to the device If you want to add more IPs or Domains repeat from Step 6 9 After adding required IPs and Domains to the Device Click Save The device will be added to your Web Inspector PCI Account The device will be validated for PCI compliance on your first on demand scan and the status will be updated accordingly Address Subnets Scan Type Action Test Device 3 All Addresses i targets count all Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 66 Creating Trust Online Comodo Web Inspector Administrator Guide COMODO 2 5 3 4 Devices Management The Device List area of the Web Inspector PCI interface displays all devices that have been created in this account From here the administrator can edit device details delete a device move a domain to another device or remove a domain from a device To access the interface for device management click the edit button beneath the device as shown below Address subnets Scan Type Action Test Device 3 All Addresses 1 targets coum i Click here
115. ess whenever the administrator has attempted to download the Web Inspector PCI Scan Report pack by clicking the Generate Report Pack in the Reports area Report has been reviewed by a PCI CSS approved staff of Comodo and an issue has been detected in the generated report Refer to Downloading Report Pack for more details e Contact me if a Report Pack generation fails Selecting this option instructs Web Inspector PCI to send a notification email to the Account Email address whenever the administrator has attempted to download the Web Inspector PCI Scan Report pack by clicking the Generate Report Pack in the Reports area and the Report generation has failed for some reasons Refer to Downloading Report Pack for more details e Click Save Changes for your settings to take effect 2 0 0 3 Custom Settings The Custom Settings area enables an administrator to configure the Web Inspector PCI scans like specifying port range to be scanned number of parallel checks to be done concurrently selecting Port Scanner options selecting plug ins to be used for scanning and more To access the Advanced Options area Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 91 Creating Trust Online Comodo Web Inspector Administrator Guide COMODO 1 Switch to My Accounts area of the Web Inspector PCI interface 2 Click the Custom Settings link in the My Accounts area Web In
116. essessessesasseccaeceecaecaeseesausaeseusenseasereseaneeaneens 119 Ae E NTON EPE OEA E AAA E A AA A A A vated tated T TA 121 e o 0 ig 8071 66 e P A TE I nye T E A I AE NE PN O A A A I ANA A AE 126 Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 3 Creating Trust Online Comodo Web Inspector Administrator Guide a 1 Introduction to Comodo Web Inspector Comodo Web Inspector is a powerful malware and blacklist monitoring service for websites If malware is discovered or if the website is found on any one of a range of website blacklisting services then the account owner is immediately notified via email This early warning system helps save thousands of website owners per year from the potentially catastrophic effects of seeing their website blacklisted Web Inspector also incorporates a fully fledged PCI Scan Compliance solution powered by HackerGuardian technology This enables qualifying merchants to meet the network vulnerability criteria laid out in section 11 2 of the PCI guidelines The Web Inspector PCI solution also offers a free compliance wizard to guide merchants through all other requirements of the guidelines Web Inspector features and benefits e Automatic daily malware scans of all website pages including any sub domains e Daily checks that your website is not present on any Internet blacklists e Immediate notification if problems are discovered e Full reports
117. est you will find lots of helpful advisories in the scan report that will help you patch the security holes After your infrastructure passes the scan Web Inspector PCI will automatically generate the PCI Compliance report that you need to send your acquiring bank as to demonstrate your compliance Find out more about Web Inspector PCI Scanning Services 3 Send the completed questionnaire attestation and the Scan Compliance report to your acquirer Both the PCI Scan Compliant report and the Annual Self Assessment Questionnaire should be turned into your merchant bank Your merchant bank will then report back to the Payment Card Industry that your company is PCI Compliant Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 125 A m Pa Comodo Web Inspector Administrator Guide COMODO Creating Trust Online ee About Comodo The Comodo organization is a global innovator and developer of cyber security solutions founded on the belief that every single digital transaction deserves and requires a unique layer of trust and security Building on its deep history in SSL certificates antivirus and endpoint security leadership and true containment technology individuals and enterprises rely on Comodo s proven solutions to authenticate validate and secure their most critical information With data protection covering endpoint network and mobile security plus identity and
118. estarted If you do not want to save the settings select Do nothing The previously stored configurations will be retained and the new configurations will not be saved After successfully configuring the network adapter the network state will appear green in the lower right corner of the screen The network state will be displayed in black if any connection problems arise indicating that the network connection setting are to be reconfigured Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 84 Comodo Web Inspector Admini trator Guide COMODO Creating Trust Online 2 5 4 5 3 Select a Device for Session Profile The storage device chosen previously for storing the configuration settings and the session profiles can be changed configured by choosing this menu Selecting this menu again starts building a list of available block devices for storing the configuration C O 4 0 0 0 HackerGuardian YPN Agent device for session profile Config data found on device s Select one or lt cancel gt to not use any and choose another device Cance l gt e Select and configure a storage device to use as a permanent storage for Live CD runtime configuration files This is useful when you plan to boot and run the Live CD more than once with the same network settings and other configurations and do not want to reconfigure every time The agent detects hard disks USB memory drives and or other a
119. esults from a specific device e View Executive Summary and Vulnerability Reports after running an on demand scan 2 5 3 3 How to Create a New Device In order to run a PCI scan the administrator must first create a Device A Web Inspector PCI Device is an umbrella term that describes a grouping of IP addresses and or domains that are to be used as the target for a PCI scan Web Inspector PCI Devices can be used to mirror a real life device For example a single machine in your organization s infrastructure may have multiple IP addresses and domains which host different services The PCI DSS guidelines state that all these IP addresses and services must be scanned By associating multiple IP addresses and domains to a single Web Inspector PCI Device you can simulate your real life device and scan it for PCI compliance in one pass All customers must create a device before PCI scanning can commence Important Notes e When creating a device Web Inspector PCI requires that you specify all the IP addresses belonging to your target server host or other device e You must have at least one PCI scan compliancy license e You can add and scan as many IP s as allowed by your PCI license These IP s can be spread across as many devices as required e Atleast one IP address or at least one domain name that you wish to scan for PCI compliancy has been added to the device If you only specify a domain name then the PCI scan wil
120. ettings more devices events 4 Click Next to continue the wizard Note You can always view modify the email alert options from the My Account area of Web Inspector PCI interface Click here for more details Step 4 Start PCI Scanning The next step is to commence the PCI scan on a device Web Inspector PCI Setup Wizard 1 2 3 Schedule Reports My Account SAQ g Start PCI Scanning ili le PCI Stan on selected devices righi moe 108 162 195 201 EE N 1 Select the device on which you wish to commence the scan from the Select Device s box If you want to run the scan for all the devices at once select All 2 Select the IPs Domains in the next box If you want to run the scan for all the IPs Domains associated with the selected device at once select All 3 Click Finish to commence the scan The scan will be initiated and you can see the progress in the Overview area Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved i Creating Trust Online Comodo Web Inspector Administrator Guide COMODO Web Inspector PCI Schedule Reports My Account SAQ Logout Web Inspector PCI Overview TAA s Accom stalig PCI Scan Status i dresses Domalns Len Device Dashboard i i dga Addresses Hola Warnings Notes 12 Motes am 10 P t a a aj 2 F A J D ne aii Warnings get t Address
121. fic vulnerabilities You Mmap NASL Wrapper anne Ean eet ea ee ey 2 Ha pina Can customize a vulnerability scan to Check Tor speciic winerabiliies iy C Scan tor La reatarpited hosts selecting the plugins listed below To initiate your customized scan select Custorn Scan horn the Start Stan options C syn Sear Pl netetat Scanner On Vulnerability Plugins Families i are ekai i i of El Gai rool remolalr z 57 Cl CGI abuses avelebhe pugna amilie CGl abuses 56 E C iird O a Select All Deselect All e Select the plug in families you wish to deploy Note You must select Custom Scan for the chosen plug ins to be deployed while starting scheduling a scan e Click Save Changes for your settings to take effect 2 9 0 4 PCI Settings The PCI Settings area enables the administrator to customize the scan start page and to include hidden urls to be scanned for a Device and to specify the maximum number of concurrent scans e By default the scanning is started from the main website page If the index page of the website is different from the main site page the administrator has to specify the index page url as the Start url in order to start the scanning from the index page Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 94 Creating Trust Online Comodo Web Inspector Administrator G uide ye nance j j lf the website s cont
122. g any security issues with remediation advice and advisories to help fix them Following a successful scan no vulnerabilities rated higher than CVSS base score 4 0 merchants receive an official PCI compliance report that can be sent to an acquiring bank The Standard version enables merchants to run 10 PCI scans per quarter on up to 5 IP addresses using the full complement of over 21 000 individual vulnerability tests The Enterprise version is a more powerful and flexible service which provides for up to 100 scans per quarter on 20 IP addresses Web Inspector Free PCI Scan The Free PCI Scan service is valid for 90 days and allows merchants to achieve PCI scan compliancy free of charge The service contains all the functionality of the Scan Compliancy but restricts the user to 5 PCI scans per quarter on a maximum of 3 separate IP addresses The service generates an official PCI Compliant report after every successful scan Why do I need vulnerability scanning if have an SSL certificate SSL certificates do not secure a web server from malicious attacks or intrusions High assurance SSL certificates such as InstantSSL provide the first tier of customer security and reassurance namely e A secure connection between the customer s browser and the web server e Validation that the web site operators are a legitimate legally accountable organization However consumer fears in the light of recent attacks on high profile merchant web sit
123. hat are the compliance validation reporting requirements for merchants Under the new PCI standard the compliance validation requirements for merchants of the VISA CISP and MasterCard SDP programs have been aligned so that merchants need only validate their compliance once to fulfill their obligation to all payment cards accepted Merchants will provide compliance validation documentation to their Acquirer s Compliance validation documentation consists of the annual self assessment questionnaire and the quarterly PCI scan compliance report Do merchants need to include their service providers in the scope of their review No Service providers are responsible for validating their own compliance with PCI regulations independent of their customers What is a network security scan A Network Security Scan involves an automated tool that checks a merchant or service provider s systems for vulnerabilities The tool will conduct a non intrusive scan to remotely review networks and Web applications based on the external facing Internet protocol IP addresses provided by the merchant or service provider The scan will identify vulnerabilities in operating systems services and devices that could be used by hackers to target the company s private network As provided by qualified scan vendors such as Comodo the tool will not require the merchant or service provider to install any software on their systems and no denial of service attacks will be performed
124. he scan until the compliance is achieved Security Notes A vulnerability whose severity level is more than one or Low is indicated as a Security Note Each Web Inspector PCI report indicates the Security Holes Security Warnings and Security Notes found on each device IP Domain and also provides solution for remediation Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 100 Creating Trust Online Comodo Web Inspector Administrator G uide ye COMODO The Scan Reports produced from the PCI scans can be assessed from the Reports area of the Web Inspector PCI interface displayed by clicking the Reports tab from the Navigation bar From this interface you can e View the scan reports e Submit False Positives e Track the status of Submitted False Positives e Download the entire reports as a zip file by clicking the Generate Report Pack button 2 5 1 1 Viewing Scan Reports Clicking the Scans link in the Reports area opens the list of the scan reports produced by Web Inspector PCI at the end of each scan Web Inspector PCI Overview Schedule Reports My Account SAQ Logout Scans False Positives Tracker Report Packs Reports Status AddressDon E n rat F i i Hj Wiew PC Aepalz ka Staus il kai Generate Report Pack Address Domain Search Address Subnets Status z i Scan ype Action Test Device 2 All Addresses Compliant 01 07 2
125. he text box and paste it into your website home page as a new line anywhere between lt Head gt and lt Head gt tag e Once this is done click the Verify button to initiate the verification check e Comodo will check for existence of the tag to prove domain control Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 18 Creating Trust Online Comodo Web Inspector Administrator Guide Dae j j Ps e After successful verification Manage and TrustLogo links will become available for that domain Note the availability of TrustLogo link depends on your subscription type Administrative Email Web Inspector will check the WHOIS database and send a validation code to the email address of the domain administrator Ownership verification for the website http example com Before Wweblnspector begins checking your website for malware we need to check that yoy own the website This is done by verifying website owamershin Choose a method ofwebsite ovwnershir There are four wars yOu Can verify website ownership Click any ofthe choices to read slep by step instructions for that method Please select the method you preter File Upload Upload a special file to your webserver Meta Tag Add a meta tag to your home page Administative Email Confinn a code sent via email to ihe domains administrator Web Inspector will attempt to re
126. he website ownership has not been ventied Ownership Verification Remove W G bitten Aerts E riai millmited URLS Scanned at 7013 04 10 00 15 35 ITG Trustloge Manage Report Wf Remove Manage Repon BI Remove X hip Horoa m corr nlii WA oe e Click the Report link at the end in the row of the website that you want to view the reports The report overview page of the last run WI scan will be displayed Click the Details link in the page to view the compete report of the last run scan To view the complete list of reports of the WI scan from the day of subscription for the website click the Return to Reports List link located at the top right side of the Report interface Note You can also view the complete WI reports in the General Website Configuration screen Refer to the section Web Inspector Scan Reports for more details 2 3 3 Adding the WI logo To Your Website The Web Inspector Trust Seal is a symbol that conveys the message to your website visitors that the site is safe secure trusted and verified thus increasing the conversion rates of visitors to potential buyers To add Trust Logo to your website e Click Websites at the top of the interface The list of websites added for daily WI scanning will be listed hipNdemamna ong SA L ESE E If ij Hee E Panership vernie atan Remove hip Teraniple conn mlirmmited URLS The websie manership has not been rented amnershio Verfication Rer
127. icense aldeGdSe G61d4c7b 0 tC ee ee aaa P a dipa zep Se E 74C19F0617 2013 01 04 1 500 WALID Renew View Show Comodo Weblinspector Subscriptions x Product name Web inspector 500 URL license TrustLogo License key m mse ee ee S amp S eee Subscription a eee StesiLrls 1 500 From date Tue 04 Dee 2012 15 30 03 0000 To date Fri 04 Jan 2013 15 30 03 0000 Is active VALID Close 1 Found The license key and subscription details have been intentionally blurred and will be clear in your accounts page Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 44 Creating Trust Online Comodo Web Inspector Administrator Guide COMODO e Click Close or the E button to return to the subscriptions page To return to Web Inspector website from your accounts page e Click Manage Subscriptions link to return to the Web Inspector services website 2 4 2 My Account The My Account tab displays the full details of your account with Comodo Accounts Manager My Account Help Contacts User Details Account Details User Details Change Paseword Login DemoAccount3 Change Contact information Enrvaiil r a Change Email Acklress Firet Hante tesi credi Cards Management Lest Mame test Purchase History Contact Address Address test City test State Alabama Postal Code tes 23 Country United States Enabled Services Weblnspector Sign Up to Affiliate System
128. idual vulnerability test is known as a HackerGuardian Plug in Each individual plug in is written to test for a specific vulnerability These can be written to actually exploit the vulnerability or just test for known vulnerable software versions HackerGuardian is continuously updated with the latest plug in vulnerability tests via a direct feed available to all PCI Scanning Service subscribers providing up to the second security against the latest vulnerabilities At the moment there are over 30 000 with more being developed and added weekly This area enables the administrator to choose which plug ins are deployed during a scan Plug ins can be enabled or disabled by their family type basis To choose the vulnerability plug in families click the Vulnerability Plugins Settings link from the Advanced Options interface Web Inspector PCI Cveriew Schedule Reports My Account Account Information Email Alerts Custom Settings PCI Settings Advanced options Scamming ern Options Port Range Safe Checks Nol recommenced far default H l inexpenenced usara Click Designate hosts by their MAC addresses here to view 2 description of thease opion al Consider unscanned ports as closed Exclude l p level domain wildcard host Parallel Checks 4 Nessus TCP Scanner Eee Of Ping ihe Remote Hoste Vulnerability Plugins Satins a Opilmized Tesi Pat scanmer Options B AE P Plugins are used bythe scanning engine to check for speci
129. if nothing is checked o Slow 1 Parallel Check Humber of checks performs in paralle High Plugin Preferences Weadiun O f Ing me Remote Hosts C Do an applicative IUP ping pe ONS RPC ka Si biore Scan Options F Safe Checks Pon Range taul i Caa Cl Designate hosts by their MAC addresses aa a a a ii Exclude top l vel domain wildcard hast CL Optimized Test O Nessus TCP Scanner LI Wm ap MASL rapper i O Sean for LaBreatarpitted hosts OO SYN Sean LJ Metstat Scanner Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 95 Creating Trust Online Comodo Web Inspector Administrator Guide COMODO This area allows the Administrator to e Specify the target urls including hidden urls to be scanned e Specify the maximum number of allowed concurrent scans and select scan options Specifying Target URLs for Scanning 1 Select the Web Inspector PCI Device for which the PCI Settings are to be customized from the Device drop down 2 Select the IP Address Domain contained in the Device 3 Enter the start page or index page of selected domain in the StartUrl selection textbox and click Save Add Note The domain name need not be repeated and the startpage should not be ended with a If this field is left blank the scanning will be started from the main website page For example if the index page of the domain testdomain com is www testdomain com
130. inistrator Guide 2015 Comodo Security Solutions Inc All rights reserved 98 A i ra Comodo Web Inspector Administrator Guide COMODO Creating Trust Online Fi A f a f a j Select scan type PL Scan Ww Custom Scan 3 Select the device from the Select Device s drop down box Select Device s Test Device 2 w Test Device 2 Test Device 3 Test device 4 Select the IPs Domain pertaining to the selected device from Select IP s box If you wish to scan all the IPs Domains select All All Select IP Addresses testdomain cam Domains 5 Select the start date for the scan schedule by clicking the calendar icon beside Set Start Date text box Set Start Date 01 08 2013 ah January 2013 O Su Mo Tu We Th Fr Sa thalas 6 9 1 11 12 13 144 15 16 17 18 19 Set Start Time 20 21 22 23 24 25 26 27 28 29 30 31 6 Select the recurrence period Set Start Date 01 08 2013 Recurrence Options Weekly monthly Quarterly Every 0 days e Weekly The scan will be performed once in a week on the specified day and time e Monthly The scan will be performed once in a month on the specified date and time e Quarterly The scan will be performed once in three months on the specified date and time e Every N days Scan will be performed once for every n days from the start date For example if you Comodo Web Inspector Administrator Guide
131. isting devices for Web Inspector PCI scanning Address Subnets ScanType Action TestDevice E All Addresses Non Compliant 12 19 2012 05 09 PCI Scan Eii iii Report Charts 1 targets count z al Test Device 2 D All Addresses Compliant 12 19 2012 06 12 PEI Scan Executive Report il Report Charts i target s count Zt alll The following table provides description of information columns in this area Column Possible Description Values Device Text Displays the device name a friendly name which was given by administrator when creating the device and the total number of IPs Domains associated with the device Address Subnets Text Displays all the associated domains e g www domain com or IP addresses that administrator specified for the device Click the button beside All IPs to view the list of IPs and the Domains Status Compliant Indicates that the device IP domain is PCI scan Compliant as per the last run PCI scan Non Indicates that the device IP domain is not PCI scan Compliant as per the last run PCI Compliant scan Passed Indicates that the device IP domain has passed the last run Web Inspector scan Failed Indicates that the device IP domain has failed the last run Web Inspector scan Date Numeric Displays the date of last run scan for the device IP domain Scan Type PCI Scan Indicates that the device IP domain is PCI Scan enabled Cust
132. istrator Guide COMODO The General Website Configuration of the selected website will be displayed Management of the website http lvovsky info Ganera Website Conhiguraton Bs Disable Website Change Email Reports False Positives Scanning Optians TrustLogo Status e Click the TrustLogo Status link Note The availability of TrustLogo link in the interface depends on the license that you have purchased See the section Subscribe WI services for more websites in Web Inspector Area on how to purchase WI services with TrustLogo sion TrustLogo a dal eee http Dhiata info eb inspector TrusiLoge can mya be pl ji febsile The Trustlogo helps build busi with websile visitors by reassuring ther thal your site ale secure amd Fi are MEE n setup your TustLega by adding sarne simple javascript to every page you wani ihe lago to be shored Step 1 Edit tha HTML sou of thie pa pu wart the Weblnsgector Trustloge io appear oan It should be one of fie pages Webln pecior has checked on the website hitphwovsey infor step 2 Copy the folloving code and paste il anhetere wilhin fie HEADS HEAD section A Pai JACrTipt langusge Javascript CypPe TLekCsS JAVaScript gt TRE CO t loco pindod location protocol pttES 7 ht tpa fteoust logo comodo com s i ACE LpPtrteustlogo ja Thttp teust logo comodo com si script trust logo js nae a Copy hie following code and paste tt anpehere ihan fie
133. ity Solutions Inc All rights reserved 19 Comodo Web Inspector Admini COMODO Creating Trust Online C 0 4 0 0 0 HackerGuardian VPN Agent network configuration Network configuration settings provided configuration to bring network up to change network settings to get back to menu lt modify gt lt do nothing gt The configuration will be saved If you want to edit the settings before saving select Modify The Network configuration will be restarted If you do not want to save the settings select Do nothing The configuration will not be saved and the network configuration will be restarted The main menu will be displayed on completion of the configuration You can modify the configuration at any time through the options in the main menu 2 9 4 5 Using the Agent Main Menu The Main Menu of the HackerGuardian VPN agent contains the following options C O 4 0 0 0 HackerGuardian YPN Agent main menu network configuration select device for session profile diagnostic console Shutdown the system help info Oh UN ee Oo m Click the following links for more details e HackerGuardian agent Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 80 coMoDOoO Creating Trust Online e Network configuration e Select a device for session profile e Diagnostic console e Shutdown System e Help info 2 0 4 5 1 HackerGuardian Agent The Hacker
134. king Suspicious View Details ie a e Phishing Safe Website hitpltunapeyeaj com Malicious Acti High Risk View Detalls Show Whais information Mahvare Downboads Suspicious View Details Suspicious Activity Safe Against each scanned activity in the left side of the report a View Details link will appear if found to be suspicious high risk and inconclusive Clicking on the View Details besides an activity will display the detailed report for it For example the View Details link besides Blacklist Checking scan will display the warning that this is a high risk site CI Return to Overview Report for http tunapeyzaj com This iS a high risk site Blacklisted Details Sean Time 201 04 01 13 30 44 UTC Website Details T Possinie manware sita Acdsory provided by Google e Clicking Advisory provided by Google link will take you to the Google Safe Browsing FAQ page that explains why this page is qualified for blacklisting if found containing Malware Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 26 coMoODOoO Creating Trust Online p j f f gt Safe Browsing FAQ Google Safe Browsing API Google Code Windows Internet Explorer File Edit View Favorites Tools TEE w Favorites 3 Eds ggested Sites 48 Web Slice Gallery BE Safe Eme FAQ Googe Saf
135. l actually take place on the IP address that this domain resolves to e P address do not need validation PCI compliance scans on IP s can begin immediately To create a new device 1 Switch to Device List area of the interface 2 Click on button beside Add New Device in the Device List area as shown below Start Scan lt Address Subnets Scan Type Action 3 Select the PCI device radio button to enable PCI scanning on the device Start Scan lest Devica Continue Cancel Address Subnets Scan Type Action 4 Enter a friendly name for the device in the Device Name text box and click Continue Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 64 Creating Trust Online Comodo Web Inspector Administrator Guide COMODO Name I Addresses Domains Test Device 3 IP Addresses Domains Delete Delete Device Addresses Please check discovered components currently out of scope Add Free F AddressesMDMomains 3 5 Click Add in the next screen 6 Enter the Domain name s or IP addresses to be associated with the device in the Add IPs or Domains text box You can add as many IP addresses as allowed by your PCI license If you want to add more than one IP or domain click on the link Add Multiple Addresses and enter the IPs domains separated by commas IPF Addresses Domains Test Device 3 IP Addresses Domains
136. licious activity detected Print repon Mark As FP ito ara buna pez Corvhizretberinniz High Risk Malicious adivit detected Print reget Mark As FP O Atinae unaperzaj tormiiuyaama miak _ High Risk Malicious activity detected Printraport Mark 4s FP O higiena buna peyza corr High Risk Malicious activity detected Print repan Mark As FP amp hia ara Dupe CORE anbeniypl Sale No malicious code lles or actity detected The details provided under each column are described below e URL The url of the scanned page If the full url could not be displayed within the width of the column clicking on the displayed portion will open a pop up showing the full url X hip tinapeyea com merak ettikleariniaigubre ibtivacil a Car i ry i Lin deci laa pic TE S T E ENET beds NTT TE ne Arar Aree e Result Shows the result of the malware scanning on the page The result can be one of e Safe The page contains no malicious code files or activity e Suspicious The page is identified with suspicious code file or behavior by the scanning engine e High Risk The page is identified with dangerous code file or behavior by the scanning engine e Inconclusive The scan terminated without providing conclusive results Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 30 Comodo Web Inspector Ad mit nistrator Guide l COMODO Creating Trust Online
137. logy wherever required Web Inspector PCI setup Wizard Schedule Reports My Account SAQ g Ei 3 4 Welcome to HackerGuardian This wizard will guide YOU Trough he process of mar aging amg initiating scans First we need to setup a device for scanning A device is a vay of grouping multiple addresses sa you can better Organize and Mariage scans YOu tan name a devica whatever you like We recommend a descripive niare S0 you will remember il later Simply name a device and list he IP addresses you would like grouped into this device You can change this at any ime in the OVERVIEW fab in the fable below the dashboard Device Hante Test Device 2 r IP Adili esses 106 167 195 701 T Domams Nex gt gt e When creating a device Web Inspector PCI requires that you specify all the externally facing IP addresses Domains belonging to your target server host or other device Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 53 Creating Trust Online Comodo Web Inspector Administrator Guide COMODO IP Addresses Domains Acton Test Device 2 IP Addresses Domains Delete Delete Device 11P Addresses Domains 108 162 195 201 x Add Please check discovered components currently out of sco m F F Addresses Domains 3 Note You can check for the IP addresses and the domains which have been previously entered and deleted or the IP Addresses that were detected th
138. mary of the results will be displayed in the Overview area If you want to switch to the scan results of other devices click the bar graph button beneath the device name as shown below Address F eed 3 RS Subnets Status Scan lyp Acton Test Device Ay Addresses Compliant 01 03 2013 DHU Custom Scar Executive Report Dij Report Charte imien niil aje Click here Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 87 Creating Trust Online Comodo Web Inspector Administrator G uide ye COMODO 2 5 4 8 View Reports and Statistics e Click the Executive Report button beside the device name to view the Executive Scan Report e Click the Charts button lal next to any device row to view statistics and graphical summaries of scan results and vulnerabilities e Click the Vulnerability Report button beside a device s IP domain name displayed by clicking the button to view your vulnerability report After a successful PCI scan you can also download a report pack which contains official documentation that can be sent to your acquiring bank Refer to Web Inspector PCI Reports for more details 2 5 5 Account Preferences and Scan Settings The My Accounts area of the Web Inspector PCI interface displays your account details license information and your email alert settings and also allows you to change them if required It also enables you t
139. mary report screen Checked URLs The Checked URLs area provides a list of scanned web pages urls of the website The Checked URLs area displays the scan result of each and every page scanned enables you to view the report details of individual pages print the report for the pages identified as High Risk and Suspicious and report an unsafe page as False Positives You can also filter the reports to be viewed Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 29 Creating Trust Online Comodo Web Inspector Administrator Guide COMODO j j Checked URLs Marrow report displeyin algae Show all entries E IR Fesili JRL Details D hiig Mawi bunaneyzal_ torana sarfalnewa High Risk Malicious activity delacted Printraport Mark As FP G hintaa bunaperzaj conmimearak etikler Safe No malicious coda filas or actrity detected hiin devaa Duna peyza corr tinra prodilir High Risk Malicious activity detected Printraport Mark As FP D hit Mawa bunaperzal COMTerak ether High Risk Malicious acthity detected Print reponi Mark As FP D hig munansa corn High Risk Malicious acivily detected Print rapon Mark 4s FF G hifo wer bonapeyza commerak ettikler Safe No malicious code filas or actrity detected D hifo www bunapeyza comvmerak etikier High Risk Malicious activity detected Print repon Mark As FP hito Mawas tunapeyzal COMUTerak eTibler High Risk Ma
140. mbers and email addresses for contacting Comodo for purchasing Comodo Products and Services and to get Product Support 2 5 PCI Scanning PCI Scanning services in Web Inspector is a fully configurable vulnerability assessment and reporting service for networks and web servers Our remote audits run over 28 000 individual security tests on your organization s servers then provide expert advice to help you fix any vulnerabilities Because Comodo is PCI Approved Scanning Vendor ASV our Web Inspector Scan Control Center range provides everything a merchant needs to become compliant with the PCI vulnerability scanning guidelines The PCI Scan Compliancy Service is an on demand vulnerability assessment scanning solution to enable merchants and service providers to achieve PCI scan compliance After each scan users receive a comprehensive vulnerability report detailing any security issues alongside remediation advice and advisories to help fix them Following a successful scan no vulnerabilities with a CVSS base score greater than 4 0 merchants are provided with an official PCI compliance report that can be sent to an acquiring bank WI PCI also offers a web based Internal Scanning feature to run vulnerability scans on the individual devices connected to your network and protected by a firewall or other network security devices Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 50 Cr
141. ministrator Guide 2015 Comodo Security Solutions Inc All rights reserved 86 Creating Trust Online Comodo Web Inspector Administrator Guide COMODO 2 5 4 6 Start Device Scanning 1 Login into Web Inspector PCI online interface and click Start Scan button in the Overview area as shown below Click here Address Scan Type Action subnets The scan configuration options will be displayed Start Scan Custom Scan x Select Al ie z C Start Cancel ila el zi i i vi e ribs i Test Device 2 Test Derice 3 Tied a PEPE Address Subnets Status Scan Type Action 2 Select Custom Scan from the scan type drop down menu 3 Select the device to be scanned in the next box If you want to run the scan for all the devices at once select All 4 Select the IPs in the next box If you want to run the scan for all the IPs in the selected device at once select All 5 Click Start E ae Simi Scan lyp Action Test Device All Addresses Scanning maaan e Cancel Scan inier ral 1 hal qetis Cou PE Tip If you want to run the scan simultaneously on multiple devices you can start scanning on the next device by following the same procedure when the scan in running in one device Also you can terminate the scan at any moment by clicking Cancel scan button 2 5 4 7 Viewing a Dashboard Summary of Scan Results On completion of scan a dashboard sum
142. modo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 52 coMoDOoO Creating Trust Online 2 Launch Setup Wizard for PCI Scanning Click the Help tab from the Navigation bar to access the Help area Web Inspector PCI Overview Schedule Reports My Account SAG Accouml Status Scans Lett 5 AddressesiDomains Lett Order more Addresses and then click the link Launch Setup Wizard for scanning The wizard allows you to configure and start the scan in just five simple steps Step 1 Add Device to Scan In order to run a PCI scan you must first create a Device A Web Inspector PCI Device is an umbrella term that describes a grouping of IP addresses and or domains that are to be used as the target fora PCI scan Web Inspector PCI Devices can be used to mirror a real life device For example a single machine in your organization s infrastructure may have multiple IP addresses and domains which host different services The PCI DSS guidelines state that all these IP addresses and services must be scanned By associating multiple IP addresses and domains to a single Web Inspector PCI Device you can simulate your real life device and scan it for PCI compliance in one pass All customers must create a device before PCI scanning can commence Note The Web Inspector PCI is powered by Comodo HackerGuardian and so WI PCI will be accessing HG techno
143. mpany City Displays the city of the Organization Company State Province Displays the State Province of the Organization Company Zip Postal code Displays the Zip Postal code URL Displays the url of Organization Company s website Date Format Allows you to change select the date format Time Zone Allows you to change select the time zone Daylight Saving Time When this option is selected the time stamp in reports will be based on DST of the country from where you are using the application The administrator can enter change the above details by deleting the old information and entering the new information View License Information Licenses Displays a list of Web Inspector licenses purchased so far The following table provides the description of columns in this area Column Description Product Name The name of the Web Inspector HackerGuardian service subscribed Starts The commencement date of the service Expires The expiry date of the license Quantity The total number of IPs Domains for which the service is subscribed Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 89 Creating Trust Online Comodo Web Inspector Administrator Guide COMODO 2 5 5 2 Configure Email Alert and Global Alert Options Web Inspector PCI sends automated email notifications to administrators upon events like the commencement of a manual or schedul
144. mpensating oontrols exist Disable the Maintain synchronization information option from the Remote Info category of the advanced view of the Site Definition dialog box In addition ramowe the offending files if already created by the system O Modify the relevant CGls so that they filter metacharadiers convert amp it and amp gt to escape sequences Q Modify the relevant CGls so that they filter metacharacters convert Sit and amp gt to escape Sequences Upgrade to PHP version 5 2 10 or later upgrade to PHP version 5 2 11 or later O Addthe following lines for each virtual host in your configuration file RewnteEngine on RewriteCond REQUEST_METHOD TRACE TRACK RewriteRule F Altematively note that Apache versions 1 3 34 2 0 55 and 2 2 support disabling the TRACE method natively wia the TraceEnable directive Plugin output Nessus sent the following TRACE request SD ee TRACE eo 49108 7884 rd HTTF 1 1 Connection Close Host www mydomain com Pragma no cache User Agent Mozilla 0 compatibl MSIE 6 0 Windows NT 5 0 Accept image gif imagex xbitmap imagejpeg image pjpeg image png Accepl Language en Accepl Charset is0 B359 1 wi 8 E i i ssnccccnseccsecscessccseecces and received the following response from the remote server oneeeereeseeressereereresseees Gf emeena HTTP G 200 OK Date Wed 03 Mar 2010 23 37 08 GMT Serer Apache Connection clase Transter Encoding chunked Co
145. ncve W Q htio Whea ntar milimited URLs Scanned at 201 304 10 0015 35 UTC TrustLogo J Manage Report Remove W kiporo me corr nlii WRI Scanning Manage Ragori Rempe e Click the Trust Logo link at the end in the row that you want to add the Trust Logo to the website Note The availability of TrustLogo link in the interface depends on the license that you have purchased See the section Subscribe WI services for more websites in Web Inspector Area on how to purchase WI services with TrustLogo Note You can also add TrustLogo at a later stage in the General Website Configuration screen Refer to the section Adding Trust Logo to your Website in General Website Configuration for more details Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 16 Creating Trust Online Comodo Web Inspector Administrator Guide COMODO p 2 3 4 Validating your Website If you have opted to skip validation of your website at the time of Adding Websites for Daily Blacklist Monitoring and Malware Scanning you can do so in the list of websites interface To validate website ownership e Click Websites at the top of the interface The list of websites added for daily WI scanning will be listed The Ownership Verification link will be displayed for the websites that have not been validated Min wat PhS bores bee irii unlimited URLS The we
146. ng a website See the section General Website configuration section for more details Once website s have been added the daily blacklist monitoring and malware scanning will begin at a predetermined time After the first scan is completed Report links will be displayed beside the respective websites list in the interface See the section Web Inspector Scan Reports for more details WI will be sending emails daily regarding the status of your websites which will help you to take immediate remedial action in case of blacklisting any of your websites by major search engines An example of a notification email is shown below Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 12 Comodo Web Inspector Administrator Guide ee ble Edt Yew Go Message Tools Help ea Get Mail Ei Wribe E Address Book from webbepector eomoda om aren LO irk 38 cette subject Web Inspector Alert Daily malware scanning report for http www instantsslcom 12 18 2012 4 52 PM to Tout other actions Dear test test Website http w instantssl com Status Safe ncanned at 2012 12 16 11 01 02 UTC DRL limit 500 URL limit Please login to the management interface at https 10 6 5 10 falert to view more details Thanks The Comodo Team Support comodo cam forums comodo cori This em il and any files transmitted with it are confidential and intended solely for the use of the
147. ngs Address 5 Status Submets Test Device 2 El All Addresses Sc amma a PEI Scan Cancel Scan 1 targeta coumi W ull www promninepy amp A Addresses Non Compliant 04 11 2013 1205 PCI Scan Executive Report ia Report Charts bishercom i tarepetis cum all Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 61 Creating Trust Online Comodo Web Inspector Administrator Guide COMODO Click the following links for more details e Overview e List of Devices 2 5 3 1 Overview The Overview area displays the status of the last run Web Inspector PCI Scans and a dashboard summary of the scan reports from the last scan performed on the device selected from the device list area Web Inspector PCI Schedule Reports My Account SAQ Help Web Inspector PCI Overview BNS Account Status P I Scan Status Scans Lett B Addresses Domains Lai Device Dashboard 1 Order mare Addresses Holes Warmin os Hotes Motes a Wamings Vulnerabilities by Host A graphical representation of the information regarding the security holes found security warnings and security notes per host Each category is represented by a different color Pointing the mouse cursor over a bar in the graph displays the count of the respective item found Vulnerabilities by Severity A pie diagram representation of information regarding the security holes
148. ning will be displayed You have 2 unconfirmed special notes Host 108 162 195 201 Flugin group Directory Browsing Serice name generaliicp Plugin names OS Identification Customer Cl The customer declares the software is implemented securely Declaration Browsing of directories on web servers can lead to information disclosure or potential exploit Due to increased risk to the cardholder data environment please 1 justify the business need for this configuration to the ASY or 2 confirm that itis disabled Please consult your ASW if you have questions aboutthis Special Note Address the issue or confirm that the security notes are taken care by selecting the check box and click Next An attestation screen will appear Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 113 Creating Trust Online Comodo Web Inspector Administrator Guide COMODO j j YOU are required to provide an attestation of scan compliance Plaase review and acceptthe attestation shown below est attests that This scan includes all components which should be in scope of PCl DSS any component considered out of scope for this stan is properly segmented from my cardfolder data environment and any evidence submitted to the ASW to resolve scan exceptions is accurate and cornplete test also acknowledges the following 1 proper scoping of this external stan is my responsibllity
149. ns 4 Print in PDF Back to All Reports 2 0 1 1 Filtering Options The administrator can filter the reports listed based on the scan type status or even the reports pertaining to a specific IP or domain Reports Cl Report us E Address on Wiews PC Aep od Status l i Generate Report Pack Address Domain Search Address Subnets Status Scan Type Action Test Device 2 All Addresse Compliant 1 0 2013 TUU Pl Scar Executive Report T Report Charts The table below describes the filtering options available in this interface Filter Description View Enables to filter the reports based on the scan type E g to view only the PCI scan reports select PCI Reports from the drop down menu Filter by Status Enables to filter the reports based on success or failure of the scan results Search by IP Domains Enables to filter the reports pertaining to specific IP or Domain The administrator can enter the IP address or the Domain name and the reports only for those will be listed 2 0 2 Executive Report An Executive Report is a condensed view of the information available by viewing reports individually but present it in an more easily digested manner allowing admins to quickly pick out where insecurities lie and to assess then investigate any surges in the trends To view an executive summary of a device click the Executive Report button in the row Tip You can also click
150. ns Interfaces names are usually this eth ethx wired ethernet wWlan wlank wireless client wlanmaster wlanmasterxX wireless master e Select the network adapter through which you want the scan to be performed and select the connection mode Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 83 Comodo Web Inspector Admini COMODO Creating Trust Online C 0 M 0 D 0 HackerGuardian VPN Agent ethO mode Select connection mode sti Static Ss hep conf igure wired network by DHCP protocol lt Cancel gt e The available connection mode choices are Static IP address and DHCP Select the mode in which the device is connected to the network In the next dialog set the parameters for the connection The agent detects the default parameters of the device and displays them Only change the values you wish to change and select OK Use up and down arrow keys and the tab key for navigation C 0 M 0 D 0 HackerGuardian VPN Agent ethO static ip params Please provide data for static IP Hostname defau tld 192 168 0 1 299 209 209 0 192z 168 0 z254 Nameserver 192 168 0 254 Cance l gt e If you are satisfied with the above configurations select Apply in the next dialog The previously stored parameters are overwritten with the new values If you want to edit the settings before saving select Modify The Network configuration will be r
151. ntent Type message hiip TRACE iMessus431087684 html HTTP 1 1 Connedion Close Host wawomnydamain com Pragma noa cache User Agent Mozilla 4 0 compatible MSIE 6 0 Windows NT 5 0 Accept image gif imaget xbitmap imagejpeg image pjpeg image png Accept Language en Accept Charset s0 8359 1 utt 8 snip Q inhtipd conf set the UserDir to disabled Upgrade to OpenSSH version 5 0 or later upgrade to OpenSSH version 5 0 or later Upgrade to OpenSSH version 5 0 or later Upgrade to OpenSSH 4 4 or later Upgrade to OpenSSH 4 4 or later Upgrade to OpenSSH 4 4 or later We recommend you underake the following remedial scion Upgrade to OpenSSH 4 2 or later Upgrade to OpenSSH 4 2 or later Upgrade to OpenSSH 4 2 or later Add the attribute autocomplete off to these fields to prevent browsers from caching cradantials O Review the contents ofthe site s robots td file use Robots META tags instead of entnies in the robots td file and or adjust the web server s access controls to limit access to sensitve material Make sure that such files do not contain any confidential or otherwise sensitive information and that thay are only accessible to those with valid credentials That s why EACH report contains a condensed PCI specific Mitigation Plan a concise bulleted list of actions that you need to Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc
152. nts Manager CAM To change your password e Click Change Password from the right hand side pane in the My Account interface Change Password Please enter New Password Old Password New Password Reenter Hew Password Submit e Enter your existing password on Old Password text box e Enter your new password in the New Password text box and re enter for confirmation in the Reenter New Password text box e Click Submit Your access password is now changed You need to enter your new password to access your SI services account from next login onwards Changing Contact Information The Change Contact Information option in the right hand side pane enables you to change your contact details from those provided during your account sign up To change your contact details e Click Change Contact Information from the right hand side pane in the My Account interface The Change Contact Information form will appear pre populated with the details entered while signing up the account Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 46 Creating Trust Online Comodo Web Inspector Administrator Guide COMODO j f f azi Change Contact Information First lame Last Hame test Gender Birthday a Street Address fest City test Country state or Province Postal Code e Modify the details as
153. o configure the general scanning options the HackerGuardian plug ins to be deployed during scanning and PCI scan options like configuring start url and hidden urls of your website Web Inspector PCI Overview Schedule Reports My Account Account Information Email Alerts Custom Settings PEI Settings My Account Mi be seni al Popata n actiuni neha massages Meig Account Eimail johremihiSerample con j i i aii FEeneWwe enm ngera CompanyName Company Hane Name 23 Iwill aopear on al Execuive Renania Country Name u5 Contact Johri Sini Title IT Manage lejepihmne 12455 Business H tala Gii i i ie Hame I Address Liy Hers York state Proangce Hy Lip Postal code TOU URL Wn ekaTple cam Date Fonmaat Hh delay Be Tithe Zong Application Tine lt oneiGh T 0 00 w ravigi 0104 2013 yiio O Saving Time Licenses Product Hame Stats Expires Outi Yeb inspector PI Enterprise SAS Medium 01 02 2013 01 01 7014 Unlimited This area contains four tabs My Account Enables the Administrator to view modify the account related information view License information and configure email alert options Email Alerts Enables the Administrator to configure email alert options Custom Settings Enables the Administrator to configure general scanning options and to select vulnerability plug ins to be deployed during the scans PCI Settings Enables the Administrator to configure the start url from where Web Inspector PCI has
154. om Scan Indicates that the device IP domain is Custom Scan enabled Action Executive Enables the Administrator to view executive scan report of the last scan run on the Report button device Available only for the devices and not for the individual IPs and Domains associated with the device Click here for more details Report Charts Enables the Administrator to view the Charts Page contains at a glance summary of the button scan results on the device at the top and graphical representations of proportions of identified vulnerabilities according to their categories Click here for more details Vulnerability Enables the Administrator to view vulnerability report of the last run scan on the Report button device IP domain Available only for the individual IPs and Domains associated with a device Click here for more details Retest Enables the Administrator to re run the scan on the device IP domain that has failed any of the scans Note Clicking on the up or down arrows beside each column heading sorts the list of devices in ascending order based on the Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 63 Creating Trust Online Comodo Web Inspector Administrator Guide COMODO category From this area you can e Create new device to enable PCI scanning e Manage existing devices e View a dashboard summary of scan r
155. on code will be sent to the email address e Copy the code in the email and paste it in the text box in Step 5 and click the SUBMIT button e After successful verification Manage and TrustLogo links will become available for that domain Note the availability of TrustLogo link depends on your subscription type DNS CNAME Web Inspector will generate a unique code which must be added into your DNS CNAME record Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 11 Creating Trust Online Comodo Web Inspector Administrator Guide anon Website ownership verification Before Web Inspector can start Scanning your website we need to verity your ownership ofthe website choose a method of website ownership There are four was you can verity website Qwnership Click any of the choices to read step bestep instructons for that method Please selecitthe method you preter O Fil Upload Upload a special fle t your webserver Meta Tag Add a meta tag to your home page O Administrative Email Confirm code sentvia email to the domains administrator DNS CNAME Enter a code into your DNS CNAME record Please add a ONS CNAME record for your domain The hashes are to be entered as follows 156 395daab9ed278b7489c1e989a37 72 example com CNAME wi 23a1 3084cd2b256e a36327c9b11d6e1 webinspectorcom Please take care to include the period atthe end of each
156. orm a scan for three months e Contact me when new vulnerability plug in are added Selecting this option instructs Web Inspector PCI to send a notification email to the Account Email address whenever a new vulnerability plug in is added to Web Inspector PCI enabling the Administrator to deploy the plug in in future scans e Contact me when the Report Pack is awaiting review Selecting this option instructs Web Inspector PCI to send a notification email to the Account Email address whenever the administrator has attempted to download the Web Inspector PCI Scan Report pack by clicking the Generate Report Pack in the Reports area and the Report is under review by a PCI CSS approved staff of Comodo The Report will be available for download upon completion of the Review and approval by the Comodo staff Refer to Downloading Report Pack for more details e Contact me when the Report Pack is available Selecting this option instructs Web Inspector PCI to send a notification email to the Account Email address whenever the administrator has attempted to download the Web Inspector PCI Scan Report pack by clicking the Generate Report Pack in the Reports area and the Report is ready for download after review by a PCI CSS approved staff of Comodo Refer to Downloading Report Pack for more details e Contact me if a Report Pack issue is detected Selecting this option instructs Web Inspector PCI to send a notification email to the Account Email addr
157. oval by the Comodo staff Refer to Downloading Report Pack for more details e Contact me when the Report Pack is available Selecting this option instructs Web Inspector PCI to send a notification email to the Account Email address whenever the administrator has attempted to download the Web Inspector PCI Scan Report pack by clicking the Generate Report Pack in the Reports area and the Report is ready for download after review by a PCI CSS approved staff of Comodo Refer to Downloading Report Pack for more details e Contact me if a Report Pack issue is detected Selecting this option instructs Web Inspector PCI to send a notification email to the Account Email address whenever the administrator has attempted to download the Web Inspector PCI Scan Report pack by clicking the Generate Report Pack in the Reports area Report has been reviewed by a PCI CSS approved staff of Comodo and an issue has been detected in the generated report Refer to Downloading Report Pack for more details e Contact me if a Report Pack generation fails Selecting this option instructs Web Inspector PCI to send a notification email to the Account Email address whenever the administrator has attempted to download the Web Inspector PCI Scan Report pack by clicking the Generate Report Pack in the Reports area and the Report generation has failed for some reasons Refer to Downloading Report Pack for more details 3 Click Add if you want to configure email s
158. pat li Remigg M r Fyn Tip The most recent report for a specific website can be opened by clicking the Report link against the website name in the List of Websites interface Refer to the section Viewing Last Scanned WI Reports for more details The report page is divided into two sections namely e Report Summary Provides an at a glance summary of status of the website number of pages scanned domain registration and contact details The Summary area also contains a link to open a list of report on unsafe URLs found on the same IP address e Checked URLs Gives a list of web pages URLs in the website which are scanned with individual results Report Summary The Report Summary area provides at a glance summary of the scan results It also gives e the IP address of the domain e the domain registration details e administrative technical contact details of the domain e Whois information for the website Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 25 Comodo Web Inspector Administrator Guide COMODO Creating Trust Online f f Report for http tunapeyzaj com This is a high risk site Seanned IP 91 9310715 Scan results forthe last days E 0 Sate E i Suspicious W 9 High Risk E oO lnconclusive Scan Tire 2073 04 01 13044 UTC County Turkey Ei Number ofthecked URLS 12 Details Blacklist chec
159. r existence of this file to prove domain control e After successful verification Manage and TrustLogo links will become available for that domain Note the availability of TrustLogo link depends on your subscription type Meta Tag Web Inspector will generate a unique tag which must be inserted into the meta data of your home page html Web Inspector will check this page and validate domain control based on the presence of the tag Ownership verification for the website http example com Heitor WWEDINSpPeciOr begins ChecKINng your Website for malware we need to Check hal you Own he website nis is done by venting website ownership Choose a method ofwebsite qenershio There are four ways you can verify website ownership Click any ofthe choices to read step by step instructions for that method Please selecting method you preter File Upload pload a Special file fo your webserver Weta Tag Add a meta tag to your home page Please add the meta tag to your home page hitpfexample coms lt meta name comoco_s _verfiication content 4 30291 lishould be placed inthe HEAD HEAD section of the page Chey ki ihe tags ave Deen sdde J D ye ving pade SOULE OF YOU live OMe f age Click Verity to begin website ownership verification O Administrative Email Confirm a code sentvia email to the domains administrator DONS CNAME Enter a code into your DNS CNAME record e Copy the meta tag from t
160. re e Where can find a PCI Approved Scanning Vendor capable of providing quarterly PCI vulnerability scans e What s the deadline for compliance When must I begin using the new PCI standards e What are the penalties for non compliance with the PCI standards e Make it easy for me What do I have to do to become compliant What is PCI DSS The Payment Card Industry Data Security Standards PCI DSS are a set of 12 requirements developed jointly by Visa MasterCard JCB International Discover and American Express to prevent consumer data theft and reduce online fraud The PCI DSS represents a multifaceted standard that includes requirements for security management policies procedures network architecture software design and other critical protective measures Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 121 Creating Trust Online Comodo Web Inspector Administrator Guide COMODO Compliance and validation of compliance with some or all of the 12 requirements is mandatory for any organization that stores transmits or processes credit card transactions e The exact number of requirements out of the 12 that any one organization need comply with is dependent on that organization s Validation Type An organization s Validation Type is determined by precisely how that organization handles credit card data There are 5 such Validation Types and every organization will that
161. required Note Fields marked with are mandatory e Click Submit Your contact information attached with the account are now changed Changing Your Email Address The Change Email Address option in the right hand side pane enables you to change your email address that is associated with your account To change your contact email address e Click Change Email Address from the right hand side pane in the My Account interface Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 47 Creating Trust Online Comodo Web Inspector Administrator Guide COMODO Change Email Address Old Email Address jamithitexample com Hew Email Address johnsmith newmail com Reenter New Email Address johnsmith newmail com n I Submit Cancel The Change Email Address form appears pre populated with the email entered while signing up the account e Enter the new email address in the New Email Address text box and re enter the same in the Reenter New Email Address text box for confirmation e Click Submit The email address attached to your account is now changed You will receive email notifications related to your Comodo Web Inspector account only in your new email address But your login email address remains the same as signed up with Managing Your Credit Cards Information The Credit Cards Management option in the right hand si
162. rough reverse lookups on the domains or common hostnames for the domains included previously by clicking the link Please check discovered currently out of scope This helps you to identify the out of the scope components to be scanned and add to the created device e Click Save The device will be added to your Web Inspector PCI account and accessible from the Overview area e Click Add if you want to add the next device The device will be added to your Web Inspector PCI account and accessible from the Overview area e If you have finished adding new devices click Next to continue the wizard Note You can also add new devices and edit existing devices from the Overview area of the interface Click here for more details Step 2 Schedule the PCI Scan The next step is to schedule the scan if you wish to run the scan at a later time or periodically This is optional If you do not want to schedule the scan and want to run the scan instantly just click Next button to skip this step and go to Step 3 Web Inspector PCI Setup Wizard Schedule Reporta My Account SAQ a B 4 Schedule Scans Schedule table shows all upcoming Stans and current recurring schedules f i g I Account Status IP Addresses Scanning Schedule Scan Type Scans Left 5 Addresses Domains Left 1 Add New Onder more Schedule Addresses lf you want to schedule the scan click Add New Schedule button Comodo Web Insp
163. rs to only support cipher suites that do not use block ciphers Apply patches if avaiable Purchase or generate a new SSL certificate to replace the existing one Fiter out the ICMP timestamp requests 13 and the outgoing ICMP timestamp renhes 14 if you wert to test them re scan using the special vhost syrtax such as www exaole com 192 0 32 10 It the machine hes several names make sure that users Connect to the service through the ONS host name that matches the common name in the certificate Part 3b Special notes by IP Address Rem Noted 1 emote IP Address Note access software POS Scan customer s decta ation that description of actions taken Scan customer s software is to either 1 emowe the software etc implemented securely software of 2 implement ww letscoding com Browsing of directories on web servers can leadto Directory Browsing information disclosure or potential explot Due to aeneraltco increased risk to the cardholder date environmen please 1 justify the business need for this Contiguration to the ASV or 2 confirm that t is chsabled Please comeull your ASY if you have Questions about Ihis Special Note The Executive report contains the following information Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc see next column if not security controls to secure implemented securely the All rights reserved COMODO Creating Trust Online 103
164. rusiLogo Manage Report Remove W hitp Wexampte cams unlimited URLs The website ownership has not been venfiec Cwnership Vanficahon Remove W G http wovskywintot mmiinited URLs nned at 201 3 04 1 16 06 WT TrustLogo Manage Report Remove W Manag Renan Seite M 2 3 1 Removing a Website from Daily Blacklist Monitoring and Malware scanning lf you want to remove a website from daily blacklist monitoring and malware scanning this can be done in the list of websites interface To remove a website from the list e Click Websites at the top of the interface Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 14 Creating Trust Online Comodo Web Inspector Administrator Guide COMODO i e English hail web inspector Chat witty us Mow Lobe 898 268 6981 Request a Callback Email l Inagenct Detect Peries List of Websites Manage your website 2 Wiii Nads acawak mat unlimited URLS Scanned at 2013 04 12 01 30 42 UTC Teo Manage Report Remove X hittin atng howvekyinto unlimited URLS The websile ownership has nol baan warned Ownership Yenficabon Ramove X htin vbuqgerme com unlimited URLs Scanning TrusiLogo Manage Report amp Remove W htt Wexample cam unlimited URLs The website ownership has not been vented Cwnership Veniicaton Remove W W hith vwoveky infor unlineted URLS anned at 2013 04 13 16 01 TrusiLogo Manage Report S R
165. sciicdunsedieseidiiniadariedasaiileadstmsisonsdulssdantdddancuabstvabeabliediaadd 88 e T aa T a a estes pene are 89 2 5 5 2 Configure Email Alert and Global Alert OpIONS esisissirsisssiriiinrini rasain ena 90 EREE a ES cl 5 AAI A A EE AAN E AAEN EA A VAA A A ee 91 e O NEEE E E ETE 94 EASL oe E EES e g o E een ee EEE A T E AEA D AT E E P E E A T meer 98 LoL ANGA NWN SCAN a U i E E minnie 98 2 5 7 Web Inspector PCI REDOING cidcenescesassencidaiehdcacnivnsatessetosdsbasssaarienoiaexansshansenaystannsisbnedasiueasedpaebssdsnssdsbasenedsedseebuceteees 100 eo ll i ei a E T E ENESA I A E AE E ANA E 101 PA Aa ao EEEE ET A NA N AEA A E N A EEE TEA 102 Fe N a EE tee tacos ceseaecesi rete aseinenen dencadeananeeteentees 102 PaO BD ola aos 3 2 Sane mente E ore ere ar eee eet er acer eye ere ene an sentir er earn 105 PASNE ee tara E A A EN A ait tbadoandahaihncis unis E A EEE 107 rE A CE E a a EAA E AN ONE EAE A vag N E E O EE E E E 110 Be P a P N E E eam teteingleecmicumenen 112 FNM DO a RE r TE 113 25 7 6 Tracking Status Of Submited False POSES ssctesncinnicassenzesceassennadunasnskateamncansneashavansivapdeianelaendtudsdnsdnanansndnaes 116 PA a e eo ea aa e E N E N TA EEA E E NAE A 117 CACM a r aa Er E a N A AP NE A eee E E E PAT N E E TEE EATA E 118 26 1 Web Inspector PCI Services General FAU sssisiinireirieekerreeicecaidiiniii sii nin Nnn NEN EEN sn na NTE ERER 118 2 6 2 Web Inspector PCI Services Technical FAQ cccccsccsecsscsecsscsessrsses
166. security warnings and security notes found Pointing the mouse cursor over a sector in the diagram displays the percentage proportion of the respective item found Definitions of Terms Term Description Holes A vulnerability whose severity level according to PCI Severity Rating is more than three or High is identified as a Security Hole by Web Inspector PCI To pass a PCI Compliance scan no holes are to be found during the scan If any holes are found the merchant or the service provider must re mediate the identified problems and re run the scan until the compliance is achieved Click here for more details Warnings A vulnerability whose severity level is more two or Medium is indicated as a Security Warning by Web Inspector PCI To pass a PCI Compliance scan no warnings are to be found during the scan If any warnings are found the merchant or the service provider must re mediate the identified problems and re run the scan until the compliance is achieved Click here for more details Notes A vulnerability whose severity level is more one or Low is indicated as a Security Note by Web Inspector PCI Click here for more details Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 62 Creating Trust Online Comodo Web Inspector Administrator Guide COMODO jf f 2 5 3 2 List of Devices The Device List area displays a list of ex
167. served 112 Creating Trust Online Comodo Web Inspector Administrator Guide COMODO Your Host Compliancy Status will be automatically updated in your Executive Report You do not need to run another scan For example If this false positive represented the only security hole on your host then your PCI report will change from Not Compliant to Compliant and you can immediately download it 2 5 7 7 Downloading Reports Pack The Administrators can download all the reports in pdf format as a zip file by clicking the Generate Report Pack button in the Reports gt Scans interface The Report Pack will contain Executive Report Vulnerability Report and the Attestation Scan Compliance report of the PCI scans executed within the past 90 days These scan reports should be submitted to the acquiring bank or payment bank according to their instructions to demonstrate compliance To download the report pack click the Generate Report Pack button from the Reports area Web Inspector PCI Overnaew Schedule Reports My Account SAQ Scans False Positives Tracker Report Packs Reports or Fitter by jasp peach BF Yiew FL Reports Status All Generate Report Pack Address Domain search Address Subnets Status Scan ype Action Test Device EJ All Addresses Compliant U1 OF UTATU Pl Sean Executive Report iy Report Charts lf some unresolved security notes are present in the report the following war
168. specific txt file which is to be placed on the root of your web server Comodo will run an automated check and verify domain control based on the presence of this file Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 17 Creating Trust Online Comodo Web Inspector Administrator Guide COMODO j j Ownership verification for the website http example com Before WWeblnspector begins checking your website for malware we need to check that you own the website This is done by verifving website ownership Choose a method of website ownership There are four ways You can verify website ownership Click any ofthe choices to read step by step instructions for that method Please selectthe method you prefer File Upload Upload a special file to your webserver Please download this file and upload itto the root folder of your web server Test the file is in place by downloading itftram httpvfexample camifcomodo_si_verification Click Verify to begin website ownership verification meta Tag Add a meta tag to your home page Administrative Email Confirm a code sent via email to the domains administrator ONS CNAME Enter a code into vour ONS CNAME record VERIFY e Download the text file by clicking file e Upload it to root folder of your web server e After the text file has been uploaded click the VERIFY button e Comodo will check fo
169. spector PCI Overview Schedule ta My Account Account Information Email Alerts Custom Settings PC Settings Advanced options Scanning i El Safe Checks Nol recommended fo Options Fon Range default inexperienced users Click i C Designate hosts by thelr MAC addresses pere to wiew a description of O consider unscanned ports ae closed ea Exclude top level domain wildcard host Jii et Parallel Checks 4 E Hessus TCP Scanner s Ping the Herrot Hosts EI Optlirmnied Test Ti j A Mirnap NASL Wrapper o acan tor aBreatarpited hosts LI SYN Sean CI HMetstat Scanner This interface allows you to e Configure general options pertaining to the scans e Choose which plug ins are to be deployed during a scan Configure Scan Options This area enables administrators to configure general options pertaining to the scans The settings chosen in this area will apply to any scan performed on selected device in the Overview and Scheduled Scans areas Scan Option Element Type Description Port Range Text box Set the range of ports to be scanned A special value of default is allowed which scans port 1 15000 To scan all TCP ports on the target host enter 1 65935 Enter single ports such as 21 23 25 or more complex sets such as 21 23 25 1024 2048 6000 or enter default to scan default ports Consider unscanned ports Check box Ports that are not specifically scanned will be assumed as in closed state as close
170. start scanning a selected device 1 Click Start Scan button in the upper pane of the Overview area as shown below ue Click here Address Subnets Scan Type Action Py Cn ee alai Saja EOE ss Select AJ elect Start Cancel he ATES P P P Aili T Test Deica WWW letocoding co lest Device 2 Tett Device 3 Address Scan Type Action Subnets 2 Select the device to be scanned in the next box If you want to run the scan for all the devices at once select All 3 Select the IPs Domains in the next box If you want to run the scan for all the IPs Domains in the selected device at once select All 4 Click Start Fu ray f Address z a Scan Type Acton Subnets Scanning Pll Scan Cancel Scan TestDevice E All Addresses 1 target s coun if all Tip If you want to run the scan simultaneously on multiple devices you can start scanning on the next device by following the Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 68 Creating Trust Online Comodo Web Inspector Administrator Guide COMODO same procedure when the scan in running in one device Also you can terminate the scan at any moment by clicking Cancel Scan button 2 5 3 6 Viewing a Dashboard Summary of Scan Results On completion of scan a dashboard summary of the results will be displayed in the upper pane of
171. t Remove W hitth Wet G62 howeky inte unlined URLS The website ownership has not been vented Cemership Yenficabon Ramove W http Vbuggqerme com unlimited URLs Scanning TrusiLogo Manage Report Remove W hitp Wexampte cams unlimited URLs The website ownership has not been vented Cwnership Yanficabon Remove W G http wovskywintot mmiinited URLs nned at 201 3 04 1 16 06 WA TrustLogo Manage Report Remove W Manage Repon Remove W O Main Functional Areas e Setup Wizard In this area an administrator can add websites for daily blacklist monitoring malware scanning services general vulnerability scanning and PCI vulnerability scanning See the Adding Websites for Daily Blacklist Monitoring and Malware Scanning section for more details e Websites In this area an administrator can manage the added websites such as remove enable or disable websites from the list in this interface and view reports This area also allows an administrator to website configuration and more See the Managing Websites in Web Inspector section for more details e My Account Provides details of your account in the CAM interface See the Managing Your Account section for more details e PCI Scanning In this interface an administrator can perform vulnerability assessment scanning of the website to achieve PCI scan compliance See the section PCI Scanning for more details e FAQ Answers to the mostly commonly asked questions regarding Web Inspector
172. t area displays a list of devices added to Web Inspector PCI and provides an at a glance summary of the status of each device This area also allows the administrators to create a new device edit a device add IP s to a device and open device reports Click here for more details Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 60 Creating Trust Online Comodo Web Inspector Administrator Guide COMODO Account Status Information Area The Account Status Information Area displays the number of remaining scans and free IPs Domains deserved by the administrator and also allows the administrator to purchase the service for more IPs Click here for more details 2 5 3 PCI Scan To login in to the WI PCI interface click the PCI Scanning tab in WI main interface English Inapeect Deiat Probst Setup Wizard Websites My Account GEci seaming Welcome Testi F P1 Po Test Logout You will be taken to the Web Inspector PCI login page at https pci webinspector com sas login jsp Once you login to your account the main configuration area of the Web Inspector PCI interface is displayed It contains two areas namely Overview and List of Devices Reports My Account SAQ Logout Web Inspector PCI Overview Se Account Stas PUI Scan Status Scans Lett 5 AddrassesDamains Lat Device Dashboard i Order more Addresses Holas Wamings Hobes Warni
173. t such as disable enable it from WI scans change email address view reports and more To access the configuration interface e Click the Manage link at the right side in the row of the website that you want to manage Nip uGge mnie oon unimied RLS Scanning TrustLoga Manage Report Rerove Nip emarrinle corm unlimited RLS The website ownership has nol been verified Canership Verification Remove G nip swows kirta unlimited URLs Scanned at 2013 04 12 00 16 06 UTC TrustLoga raae Jeron a Remove X Nip wvonoa Mme corre unlimited URLs Scanning Manage Report i Renove X Note The Manage button will appear only after the ownership of the website has been successfully verified after adding it in Web Inspector See the section Adding Websites for Daily Blacklist Monitoring and Malware Scanning for more details on how to add and authenticate ownership The General Website Configuration interface for the selected website will be displayed Return to List of Wiebanes Management of the website nttp Ilvovsky info General Website Goni ureter Disable Website Change Ernail Repos False Posies Scanning Options Trustloge Status Ons reserved a Camnoada GA Lhd 7013 ali rig Support FAD Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 20 Creating Trust Online Comodo Web Inspector Administrator Guide COMODO j A f a f il f
174. t to the right people You can change these options and more at any time by clicking the MY ACCOUNT tab and selecting Edit Select Envail alert options fo PEI Scar oF Email Address Eirictil Adil ess Device All w Addresses Lomas Alert F rila ite winner A ari iail pe Global Alert Options Contact me if have not performed a scan in 3 months C Conact me when new vulnerability Higgins ae adike C Contact me when the Report Pack is awaiting review C Contact me when the the Report Pack is available Cl Contact me if a Report Pack issue is detected Contact me if the Report Pack generation fails lt Prev Next gt gt 1 Select the Email Alert Options as given in the table below Form Element Description Select Email alert Select the option PCI Scan from the drop down options for Email Address Enter the email address to which you wish to receive the scan alert message in the text box below Email Address This address can be different from the Account Email and can belong to the administrator for the specific device domain Device Select the Device for which you wish to receive the scan alert message from the drop down box below Device If you wish to have the alert message for all the devices select All IP Select the Ps Domains pertaining to the device selected for which you wish to receive the scan alert Addresses Domai message from the text box below IP Address
175. the Overview area Web Inspector PCI a Schedule Reports My Account Web Inspector PCI Overview PC Scan States Account Status Scans Lett 5 Addresses Domains Lan Device Dashboard Order more Addresses Holas Wamings Hobes Motes v pare p gt Wamings If you want to switch to the scan results of other devices click the bar graph button beneath the device name as shown below Address z Subnets stalus Scan lype Action Jest device All Addresses Non Compliant 01 03 2013 UES FEI scan Executive Report aul Report Charts targets count lt a Click here 2 5 3 7 Viewing Executive Report Charts and Vulnerability Reports To view the Executive scan Report click the Executive Report button beside the device name To view the Charts page that contains at a glance summary of the scan results on the device and graphical representations of proportions of identified vulnerabilities according to their categories click the Report Charts button beside the device name To view the Vulnerability Report click the Vulnerability Report button beside the IP domain name from the list of Ps domain names displayed by clicking the button beside the Device name Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 69 COMODO Creating Trust Online i meiras Scan Type Action a a Pe Tela t F m4_ ia j i a ET Di me Test device
176. timate website and use it to host their attacks without the owners knowledge Innocent businesses can often find their websites blacklisted through no misdemeanor of their own Web Inspector checks all the major website blacklists for your websites on a daily basis You will receive immediate notification if one of your sites is found enabling you to take appropriate remedial action Of course the malware scanning component of Web Inspector will thoroughly check your website for viruses on a daily basis and will notify you before the search engines ever find out To add a website for daily blacklist monitoring and malware scanning e Click Setup Wizard at the top of the interface English WHat brespeect Dewi Prois e Step 1 Enter the URL of the website that you want to add in the text box Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 7 Creating Trust Online Comodo Web Inspector Administrator Guide COMODO a setup Website Setup a daily check to ensure your website is not blacklisted and is free of mahvare You will receive an email avery day with the status of your website Please enterthe site you want to configure for Web Inspector scans http example com ADD SITE Cancel Setup e Click the ADD SITE button setup Website SeIUP a Cally Check to ensure yaur website Is mot blacklisted and is Tree of malware TOU Will recewe an
177. to start scanning all the Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 88 Creating Trust Online Comodo Web Inspector Administrator Guide COMODO j A f a f il f webpages microsites of the website The Administrator can also specify the hidden urls in the website to be scanned 2 5 5 1 My Account Area To access the My Accounts area 1 Switch to My Accounts area of the Web Inspector PCI interface 2 By default the Account Information screen will be displayed This interface allows you to e View Modify your Account information provided while creating your account e View your License information View Modify Your Account Information Account Email Displays the email address of the subscriber of the Web Inspector PCI service All the account related messages and reminders for renewals will be sent to this email address Company Name Displays the name of the Organization Company attached to the account Country Name Displays the name of the Country of the Organization Company Contact Displays the name of the Administrator Contact person of the Organization Company responsible for subscription of Web Inspector PCI service Title Displays the position job title of the Administrator Contact person Telephone Displays the telephone number of the Administrator Contact person Business Address Displays the address of the Organization Co
178. tor PCI interface allows administrators to add additional IP addresses Domains to their license at any time To buy additional IP addresses domains 1 Click on the Order more Addresses button in the Account Status area of the interface as shown below Account Status Scans Lett UNLIMITED Addressesi Daomains Lett 14 Order more Addresses You will be taken to the product purchase page Select your subscription pack and complete the purchase procedure The ability to scan the additional IP addresses will be automatically added to your license Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 117 Creating Trust Online Comodo Web Inspector Administrator Guide COMODO 2 6 Web Inspector PCI FAQs e Web Inspector PCI Services General FAQ e Web Inspector PCI Services Technical FAQ e PCIFAQ 2 6 1 Web Inspector PCI Services General FAQ e What s the difference between the Web Inspector PCI services e Why do I need vulnerability scanning if have an SSL certificate e Is there a User Manual for Web Inspector PCI What s the difference between the Web Inspector PCI services Web Inspector PCI Scan Compliancy The PCI Scan Control Center is an on demand vulnerability assessment scanning solution to enable merchants and service providers to achieve PCI scan compliance After each scan users receive a comprehensive vulnerability report detailin
179. trieve an administrate contact email address fori your WHOIS record for he domain example cam an address can be found an earmail willbe sentto this address The email will contain a unique validation code This should be copied and pasted into the relevant website Ownership page on Web Inspector Click Yeri to begin website ownership verification ONS CNAME Enter a code Into your ONS CHAME record e Click the VERIFY button e Web Inspector will check for the administrative contact email address for the domain and if found in the WHOIS database will proceed to Step 4 e Click the SEND EMAIL button The verification code will be sent to the email address e Copy the code in the email and paste it in the text box in Step 5 and click the SUBMIT button e After successful verification Manage and TrustLogo links will become available for that domain Note the availability of TrustLogo link depends on your subscription type DNS CNAME Web Inspector will generate a unique code which must be added into your DNS CNAME record Ownership verification for the website http example com Before Weblnspector begins checkir g your website for malware we need to check that you own the website This is done by ve ning website Ownership Choose a method of website ovenership There are four ways you can verity website ownership Click any ofthe choices to read step by step instructions for that method Ple
180. utive Report indicates a failure in the Compliancy Status then vulnerabilities with a CVSS base score greater than 4 0 were discovered on your externally facing IP addresses The accompanying Vulnerability Report contains a detailed synopsis of every vulnerability prioritized by threat severity Each discovered vulnerability is accompanied with solutions expert advice and cross referenced links to help you fix the problem You should fix all vulnerabilities identified as a Security Hole Furthermore each report contains a condensed PCI specific Mitigation Plan a concise bulleted list of actions that you need to take to achieve compliance After completing the actions specified in the Mitigation Plan you should run another scan until the report returns a Compliant Status 2 5 7 3 Charts Page The Charts Page contains at a glance summary of the scan results on the device at the top and graphical representations of proportions of identified vulnerabilities according to their categories To view the Chart Page of a Device click the Report Charts button lul in the row of the Device Tip You can also click the charts page button beside the Device name from the Device List area to view the page Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 105 Creating Trust Online Comodo Web Inspector Admin istrator Guide ye COMODO j j An example of the
181. vailable block devices containing with live file system like FAT 12 FAT16 FAT 32 VFAT ext2 ext3 XFS reisrfs etc and proposes a list of valid devices for you to choose from The selected device will then be used to store the configuration files by creating a special directory The stored configuration will be automatically detected and reused every time the scanning is run You can cancel the device selection if you do not want to store the configuration files 2 5 4 5 4 Diagnostic Console The Diagnostic Console is intended for advanced users Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 85 This is the maintainance console Within it you may use Various system commands to diagnose the system check network etc Useful commands are ping netstat route ifconfig tcpdump traceroute wget When you are done press CTRL D or type exit to get back to navigation menu console The menu contains various tools to diagnose the problems if the agent is not running properly The console can be opened any time as required and it will not interfere the agent s normal operation 2 0 4 5 5 Shutdown System Selecting this option will shut down the system shutdown the system TEE lt gt net offline The run time settings are automatically saved in the configured storage device so no extra action is needed for this Comodo Web Inspector Ad
182. xpires y Product name License key Subscription At Sites Wris rae Web inspector S00 URL license i a Bip ER TrustLogo sons Sei Bi o 2015 01 04 1 500 WALID Renew View 1 Found CAM wer e Enter the full or part of the subscription ID in the text field and or e Select the period of the subscription in the year month and date drop downs and click the Search button The search process will start and details of all your subscription will be displayed at the bottom of the screen To subscribe WI services for more websites e Click the Create New link at top right side of the screen The Comodo Sign Up Page will be displayed Webinspector MyAccount Help Contacts Logout Comodo Sign Up Page Pricing Terms web Inepeacior Free 1 Sie 5 URLS per ee No Card Requred Oweb Inspector Starter 1 site 50 URLs per site Oweb Inspector Pius 1 site 250 URLs per site Oweb Inspector Premium 1 site 700 URLs per site O Web inspector Enterprise 1 site 1000 URLs per site StesCount License Period e Select the service that you want to enroll in the Pricing Terms section e Enter your contact details in the Contact Information section Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 42 coMoDOoO Creating Trust Online Company Name Street Address Address Country State or Province Postal
183. xt screen IP Addresses Domains Test Device IP Addresses Domains Delete l Delete Device Internal Addresses Add Free P 18 6 Enter the IP addresses to be associated with the device in the Add IPs or Domains text box The IP addresses you specify here will be scanned whenever you run a scan on the Device Name You can add as many IP addresses as allowed by your license If you want to add more than one IP click on the link Add Multiple Addresses and enter the IPs separated by commas IP ranges can also be specified with each address in that range counting as one of your licensed total IP s Comodo Web Inspector Administrator Guide 2015 Comodo Security Solutions Inc All rights reserved 71 coMoDOoO Creating Trust Online IP Addresses Domains Test Device IP Aidresses Domains Delete Delete Device lniternal 0 Addresses Add Add IP 197_168 37_128 Add Free P l AddressesiDamains AddressesiDomains dd Multiple Addresses 18 Cancel 7 Click the Add button beside the text box IP Addresses Domains Test Device IP Addresses Domains Delete literal 1 Addresses Delete Device 192 168 37 128 x fig Free P Addressesivomains 1 Add IF Add Addresses Domains Add Multiple Addresses 8 The IP s Domain s will be added to the device If you want to add more IPs or Domains repeat from Step 6 9 After adding required IPs and Domains to the Device Click Save Th
184. you at http www webinspector com Make it easy for me What do I have to do to become compliant 1 Complete the PCI Self Assessment Questionnaire using our free online wizard after logging in into Web Inspector PCI service e Preliminary questions will help you to determine which validation type your company fits into and therefore of the 4 self assessments questionnaires you need to complete e Each of the questions is accompanied by expert help information and advice that will help you to both interpret the question correctly and provide the appropriate answer e Once the wizard is complete you will receive e Aquestionnaire summary detailing any control areas on which you failed compliance e A custom Remediation Plan for your company containing a list of remedial actions that you need to take alongside links to recommended products and services that will help you resolve non compliant areas e A ready to submit PCI DSS Self Assessment Questionnaire which will include your completed Attestation of Compliance 2 Conduct a quarterly vulnerability scans on your externally facing IP addresses lf your organization is required to be compliant with section 11 2 of the PCI standard then you will also need to obtain quarterly vulnerability scans on your network Web Inspector PCI will conduct an in depth audit of your network to detect vulnerabilities on your network and web server If your servers fail the t
Download Pdf Manuals
Related Search