How to allow beacon network scans in a network with ICMP disabled

How to allow beacon network scans in a network with ICMP disabled

When configuring an Action for a Discovery & Inventory Rule (under Discovery & Inventory Rules -> Actions tab), the default behaviour is for MgsIPScan to use a ping-sweep for gathering discovery data through a network scan. For clarity, this setting is pictured below:









However, we acknowledge that some customer environments may have ICMP disabled, which will naturally result in a failure for the ping-sweep.

Please note the following optional registry key that can be created on the beacon server:

Hive: [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\ManageSoft Corp\ManageSoft\Discovery\CurrentVersion]

Name: DefaultPingSweepOptions

Type: REG_SZ (String)

Value: -PS

The default value is -PI, which is not visible in the registry by default. Adding the key with value '-PS' will amend the network scan behaviour from a ping-sweep, to a TCP SYN/ACK scan.

Please take note of the following:

1) Adding this registry key and changing the value will affect ALL rules that utilise a network scan that are being executed from this beacon.

2) The modified TCP SYN/ACK approach will slow down the port scanning process as a result

Further information on the 'DefaultPingSweepOptions' registry key is available at the following link:

Was this article helpful? Yes No
100% helpful (2/2)
Version history
Revision #:
6 of 6
Last update:
‎Jun 10, 2020 05:43 PM
Updated by: