Service details
From a service's details page, you can view information about a specific service running in your network. To access the page, go to the Services page and select a service from the Services table.
Service overview
At the top of the page, you can view details about the service, such as how many unique vulnerabilities are associated with it, how many IP addresses in your network are running it, and how many products you're using to run it.
Service overview fields
| Name | Description |
|---|---|
| Service | Name of the service that IP addresses are running. |
| Product count | Number of products found across all IP addresses running the service. |
| Version count | Number of product versions found across all IP addresses running the service. |
| Service instance count | Number of service instances for IP addresses running the service on open ports. If an IP address runs the service on multiple ports, we count each port as an instance. |
| Vulnerability instance count | Number of vulnerability instances found for the service. An instance is a vulnerability with a CVE number related to the service on an open port. If an IP address runs the service on multiple ports, we count the vulnerabilities for each port as additional instances. For details, see Vulnerability instances. |
| Vulnerability count | Number of vulnerabilities with CVE numbers found in your networks for the service. For example, we identify three vulnerabilities for a service across all the related products and versions. In that case, the count is three regardless of how many IP addresses run instances of the service. |
| IP address count | Number of IP addresses running the service on one or more ports. If an IP address runs a service on multiple ports, we count the IP address once. |
Instances of service
The Instances of service table includes service instances across all products and versions on different IP addresses. We define an instance as an IP address running the service on an open port. If an IP address runs the service on multiple ports, we count each port as an instance. The table also includes details such as the corresponding domain names from forward and reverse DNS lookups, the port running the service, and how many vulnerability instances we found.
Use the information to evaluate details for specific IP addresses running the service, such as before you take actions to reduce large numbers of vulnerabilities.
For information about table options, see Tables.
Columns and filters
-
To add or remove information in the table, select Columns and choose the columns to view.
-
To view and manage service instances that meet specific criteria, such as those using a product with an outdated version, select Filters and then select how to narrow the data.
| Name | Description |
|---|---|
| IP address | IPv4 or IPv6 address running the service. |
| FDNS count | Number of domain names for the IP address identified from a forward DNS (FDNS) lookup. FDNS uses a domain name to identify an IP address. |
| RDNS | Domain name for the IP address identified from a reverse DNS (RDNS) lookup. RDNS uses an IP address to identify a domain name. |
| Port | Port the IP address uses to run the service. |
| Port range | Whether the port is in the system, registered, or private port category. |
| Service tags | Reasons the service is potentially vulnerable. For details, see Tags. |
| Vulnerability instance count | Number of vulnerability instances found for the service. An instance is a vulnerability with a CVE number related to the service that the IP address runs on the port. For details, see Vulnerability instances. |
| Product | Name of the product the IP address is using to run the service. |
| Version | Version of the product the IP address uses to run the service. |
| Organization count | Number of organizations within your root organization's hierarchy using the IP address. |
| Organization | Filter for finding instances of the service associated with an organization from your hierarchy. |