TEM asset discovery - NMap scan on ports other then 52311

(imported topic written by SystemAdmin)

I have deployed a TEM architecture with non default port eg 52321 instead of 52311.

I want some information around how Nmap identifies managed assets. If it is based on telnet to port 52311 then how would it work in my environment.

Is there an option in nmap discovery scan wizard or anywhere else that could be modified.

(imported comment written by SystemAdmin)

Basically it is scanning some common ports to try to identify what services are running (e.g. 22, 23, 135, etc.) as well as whatever port the TEM architecture is running on. The port number is not hard coded to 52311. The actual port will be determined at execution time. This will happen in either the the default scan Fixlets or when you run through the wizard.

You can verify this by looking at the action script that is generated. There is a line that is executing nmap.exe. You will see that it has some hard coded ports and then uses relevance to determine the correct port for TEM.

(imported comment written by SystemAdmin)

In addition to jimmie jones’ reccomendations, on windows, you should ensure that the registry key HKEY_LOCAL_MACHINE\SOFTWARE\BigFix\Enterprise Server\AssetDiscovery\NMAP\port is set correctly. The Importer will read this value and use it when parsing xml scan files.