{"id":58074,"date":"2022-09-20T09:42:44","date_gmt":"2022-09-20T01:42:44","guid":{"rendered":"https:\/\/version-2.com\/?p=58074"},"modified":"2022-09-29T17:41:01","modified_gmt":"2022-09-29T09:41:01","slug":"scanning-your-external-attack-surface-with-runzero","status":"publish","type":"post","link":"https:\/\/version-2.com\/zh\/2022\/09\/scanning-your-external-attack-surface-with-runzero\/","title":{"rendered":"Scanning your external attack surface with runZero"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"58074\" class=\"elementor elementor-58074\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-4da8c5f9 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"4da8c5f9\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;_id&quot;:&quot;decf9c3&quot;,&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-133ba185\" data-id=\"133ba185\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-fc2da8d post-content elementor-widget elementor-widget-text-editor\" data-id=\"fc2da8d\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>While <a href=\"https:\/\/www.runzero.com\/product\/overview\/\">runZero<\/a> is mostly used for asset inventory behind the firewall, you can also use its scanner to discover your external attack surface.<\/p>\n<p>External scans are beneficial for a number of use cases, such as:<\/p>\n<ul>\n<li>Getting visibility into external hosts and exposed services<\/li>\n<li>Assessing infrastructure of corporate acquisition targets<\/li>\n<li>Performing vendor security screening<\/li>\n<li>Reconnaissance for penetration testing<\/li>\n<\/ul>\n<h2 id=\"differences-between-runzero-and-easms\">Differences between runZero and EASMs <a href=\"#differences-between-runzero-and-easms\"><i class=\"fa fa-fw fa-link text-light smallx95\"><\/i><\/a><\/h2>\n<p>New users sometimes wonder about the differences between runZero and solutions for external attack surface management (EASM), such as Censys and ShodanHQ. Many of these solutions scan the whole world so you can query their host database. However, network owners can ask to exclude their IP ranges for all users (i.e., not all hosts show up in your search). Some vendors will have tools or services that discover all of your externally-facing assets.<\/p>\n<p>By contrast, runZero:<\/p>\n<ul>\n<li>Is primarily an internal <a href=\"https:\/\/www.runzero.com\/blog\/it-asset-inventory-guide\/\">asset inventory<\/a> and <a href=\"https:\/\/www.runzero.com\/topics\/network-discovery\/\">network discovery tool<\/a>, but also has the ability to discover public-facing hosts.<\/li>\n<li>Collects data through a combination of active scanning and <a href=\"https:\/\/www.runzero.com\/product\/integrations\/\">integrations<\/a>.<\/li>\n<li>Takes inputs in the form of ASNs, domains, IPs, and FQDNs (as well as public IPs discovered in internal scans).<\/li>\n<li>Can integrate with <a href=\"https:\/\/www.runzero.com\/docs\/shodan\/\">Shodan<\/a> &amp; <a href=\"https:\/\/www.runzero.com\/docs\/censys\">Censys<\/a> to identify hosts and augment data.<\/li>\n<li>Augments scans with other sources through integrations (e.g., cloud hosting providers, vulnerability scanners, and EDR platforms).<\/li>\n<li>Offers a much richer data set per asset.<\/li>\n<\/ul>\n<h2 id=\"how-to-scan-your-public-facing-hosts\">How to scan your public-facing hosts <a href=\"#how-to-scan-your-public-facing-hosts\"><i class=\"fa fa-fw fa-link text-light smallx95\"><\/i><\/a><\/h2>\n<p>If you don\u2019t have access to runZero Enterprise Edition, you can sign up for a <a href=\"https:\/\/www.runzero.com\/try\/signup\/\">free 21-day trial<\/a> to follow this walkthrough. The <a href=\"https:\/\/www.runzero.com\/product\/pricing\/\">free Starter Edition<\/a> doesn\u2019t contain some of the features described in this blog post.<\/p>\n<h3 id=\"step-1-determining-domains-and-asns-to-scan\">Step 1: Determining domains and ASNs to scan <a href=\"#step-1-determining-domains-and-asns-to-scan\"><i class=\"fa fa-fw fa-link text-light smallx95\"><\/i><\/a><\/h3>\n<p>The easiest way to get started with external scans is through:<\/p>\n<ul>\n<li><strong>Domains<\/strong> &#8211; There are several options for finding the domains associated with your organization. Best to check with the person who\u2019s managing your domain registrations and renewals. Doing a reverse WhoIs lookup hasn\u2019t been a good option for a couple of years now, but if you lack alternatives, use <a href=\"https:\/\/www.whoxy.com\/\" target=\"_blank\">Whoxy<\/a> to find all domains registered to the same company.<\/li>\n<li><strong>ASNs<\/strong> &#8211;  If you don\u2019t know the ASN for your company, you can use a lookup service, such as <a href=\"https:\/\/asnlookup.com\/\" target=\"_blank\">ASNLookup<\/a> to identify the ASNs for your organization.<\/li>\n<\/ul>\n<p>For this example, let\u2019s scan the external attack surface of a real organization and its properties, but blur any identifying data to ensure that the organization doesn\u2019t become a target as a result of this post.<\/p>\n<img decoding=\"async\" src=\"https:\/\/www.runzero.com\/img\/posts\/external-scanning\/asn-lookup.png\" class=\"img-fluid\" alt=\"ASN lookup\" title=\"ASN lookup\">\n<h3 id=\"step-2-adding-censys-or-shodan-integrations\">Step 2: Adding Censys or Shodan integrations <a href=\"#step-2-adding-censys-or-shodan-integrations\"><i class=\"fa fa-fw fa-link text-light smallx95\"><\/i><\/a><\/h3>\n<p>You can also discover your external hosts via <a href=\"https:\/\/www.runzero.com\/docs\/shodan\/\">Shodan<\/a> or <a href=\"https:\/\/www.runzero.com\/docs\/censys\">Censys<\/a> integration. The integration can pull in additional machines that may not be in your ASN or domain scope. To use the integration, go to <strong>Inventory &gt; Assets<\/strong> in your navigation menu and select <strong>Censys search<\/strong> or <strong>Shodan search<\/strong> from the <strong>Connect<\/strong> dropdown menu. You\u2019ll have to <a href=\"https:\/\/www.runzero.com\/docs\/shodan\/#step-1-add-the-shodan-credential-to-runzero\">set up credentials<\/a> with an API key to build the query.<\/p>\n<img decoding=\"async\" src=\"https:\/\/www.runzero.com\/img\/posts\/external-scanning\/censys-search-configuration.png\" class=\"img-fluid\" alt=\"Censys Search configuration\" title=\"Censys Search configuration\">\n<p>In the Censys configuration, we query <code>acme.org<\/code> in our search. This will also find any hosts that use the string <code>acme.org<\/code> in the common name of a TLS certificate. You can run this import either once or on a schedule.<\/p>\n<p>Alternatively, you can set the <strong>Censys search mode<\/strong> to <strong>All external assets<\/strong>, which will not discover new assets, but enrich the assets already captured in runZero with Censys data. However, for this use case, we\u2019ll go with the former setting.<\/p>\n<p>The import will pull any information about the matching hosts, including services and attributes, into your inventory. You should now see some assets with limited data being populated in your runZero inventory. You can view the details for one of the imported hosts and see the following information:<\/p>\n<img decoding=\"async\" src=\"https:\/\/www.runzero.com\/img\/posts\/external-scanning\/censys-attributes.jpg\" class=\"img-fluid\" alt=\"Censys attributes\" title=\"Censys attributes\">\n<h3 id=\"step-4-starting-an-external-scan-using-hosted-zones\">Step 4: Starting an external scan using hosted zones <a href=\"#step-4-starting-an-external-scan-using-hosted-zones\"><i class=\"fa fa-fw fa-link text-light smallx95\"><\/i><\/a><\/h3>\n<p>In runZero, set up a new organization or project, then go to the <a href=\"%e2%80%8b%e2%80%8bhttps:\/\/console.runzero.com\/inventory\">inventory<\/a>, click the <strong>Scan<\/strong> button and select <strong>Standard scan<\/strong>.<\/p>\n<p>From the scan configuration page:<\/p>\n<ul>\n<li>Choose <strong>US &#8211; New York<\/strong> as the <strong>Hosted zone<\/strong> (this is a runZero-hosted Explorer in the cloud).<\/li>\n<li>Increase the scan rate from 1,000 to 5,000 (to accelerate the scan).<\/li>\n<li>In the <strong>Discovery scope<\/strong>, enter the following data:\n<ul>\n<li><strong>public:all:<\/strong> This will scan all the public IPs that were pulled in via Shodan or Censys in the previous step. If you are scanning your internal network with runZero, this will also add all public IPs discovered by any other means into the scope.<\/li>\n<li><strong>asn4:12345:<\/strong> Enter all ASNs in this format to target all IP addresses registered to this ASN. Note the digit 4 after ASN in the notation.<\/li>\n<li><strong>domain:acme.org:<\/strong> Add all domains that you are targeting. runZero will add all subdomains connected to these domains.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<img decoding=\"async\" src=\"https:\/\/www.runzero.com\/img\/posts\/external-scanning\/scan-config.png\" class=\"img-fluid\" alt=\"Scan configuration\" title=\"Scan configuration\">\n<p>Click <strong>Initialize scan<\/strong>. runZero now looks up both the IPs registered under the ASNs as well as all subdomains associated with the domains you are looking to scan and displays a sample for confirmation. Confirm your scan settings.<\/p>\n<img decoding=\"async\" src=\"https:\/\/www.runzero.com\/img\/posts\/external-scanning\/confirm-scan-config.png\" class=\"img-fluid\" alt=\"Scan configuration confirmation\" title=\"Scan configuration confirmation\">\n<p>Once the scan task has completed, go view your populated <a href=\"https:\/\/console.runzero.com\/inventory\" target=\"_blank\">inventory<\/a>.<\/p>\n<img decoding=\"async\" src=\"https:\/\/www.runzero.com\/img\/posts\/external-scanning\/populated-inventory.png\" class=\"img-fluid\" alt=\"View your populated inventory\" title=\"View your populated inventory\">\n<p>runZero hosted zones are deployed with Digital Ocean. If you prefer to host your own Explorer, we recommend Digital Ocean because AWS, Azure, and GCP all rate-limit or filter outbound scan traffic in a way that impacts the quality of scan results. The runZero hosted zones performed much better than running a scan from an ISP as well, regardless of whether a VPN was used or not.<\/p>\n<h3 id=\"step-5-digging-into-your-inventory\">Step 5: Digging into your inventory <a href=\"#step-5-digging-into-your-inventory\"><i class=\"fa fa-fw fa-link text-light smallx95\"><\/i><\/a><\/h3>\n<p>Looking at this data set, there are quite a few hosts with EOL operating systems. You can use the following <a href=\"https:\/\/console.runzero.com\/inventory?search=os_eol%3A%3Cnow\" target=\"_blank\">query<\/a> to find these:<\/p>\n<pre tabindex=\"0\"><code>os_eol:&lt;now\n<\/code><\/pre><p>Some operating system vendors will enable you to purchase extended support services. To only view systems that are outside the extended support period, use the following <a href=\"https:\/\/console.runzero.com\/inventory?search=os_eol_extended%3A%3Cnow\" target=\"_blank\">query<\/a>:<\/p>\n<pre tabindex=\"0\"><code>os_eol_extended:&lt;now\n<\/code><\/pre><p>Assets can often leak secondary IP addresses, often within the RFC 1918 range. These machines are potential pivot points into private network spaces. To find those quickly, use the <a href=\"https:\/\/console.runzero.com\/inventory?search=has_private%3At\" target=\"_blank\">query<\/a>:<\/p>\n<pre tabindex=\"0\"><code>has_private:t\n<\/code><\/pre><p>Best practices are to have as few services on a single host as possible, especially when they are public-facing, to avoid the risk of one vulnerable service compromising another one. Sorting the column with the number of services per host reveals one host with eight services. After opening the Asset Details page, we can see these in the Services section.<\/p>\n<img decoding=\"async\" src=\"https:\/\/www.runzero.com\/img\/posts\/external-scanning\/services.png\" class=\"img-fluid\" alt=\"Services list\" title=\"Services list\">\n<p>Each one of these services has an extensive list of attributes that provide more information.<\/p>\n<h3 id=\"step-6-finding-problematic-ssh-services\">Step 6: Finding problematic SSH services <a href=\"#step-6-finding-problematic-ssh-services\"><i class=\"fa fa-fw fa-link text-light smallx95\"><\/i><\/a><\/h3>\n<p>Looking at the SSH service on port 22, we see that it supports the authentication method of both password and public key. Allowing a simple password authentication may indicate elevated risk to your infrastructure.<\/p>\n<img decoding=\"async\" src=\"https:\/\/www.runzero.com\/img\/posts\/external-scanning\/ssh-auth-publicKey.png\" class=\"img-fluid\" alt=\"SSH service\" title=\"SSH service\">\n<p>Clicking on the magnifying glass with the + sign next to the attribute name reveals that there are a total of 24 hosts that allow this kind of authentication.<\/p>\n<img decoding=\"async\" src=\"https:\/\/www.runzero.com\/img\/posts\/external-scanning\/ssh-auth-methods.png\" class=\"img-fluid\" alt=\"Auth method results\" title=\"Auth method results\">\n<p>Clicking on the attribute value or the count will display a list of hosts that match the query.<\/p>\n<p>Back on the Asset Details page, clicking the magnifying glass next to the banner shows an overview of all the different SSH versions deployed in the infrastructure.<\/p>\n<img decoding=\"async\" src=\"https:\/\/www.runzero.com\/img\/posts\/external-scanning\/ssh-versions.jpg\" class=\"img-fluid\" alt=\"SSH versions\" title=\"SSH versions\">\n<p>This works for all of the banner versions for other protocols as well. For example, you can very quickly and easily get a list of all of the Microsoft SQL Servers deployed in the environment, sorted by version number.<\/p>\n<p>Going back to the Asset Details page, clicking the magnifying glass next to <code>ssh.hostKey.md5<\/code> displays the frequency report for this attribute. It shows that several machines share the same SSH private key. This presents a security risk because if one of the hosts is compromised, it would also compromise other hosts sharing the same SSH private key. This typically happens when virtual machines are cloned without regenerating the SSH keys.<\/p>\n<img decoding=\"async\" src=\"https:\/\/www.runzero.com\/img\/posts\/external-scanning\/ssh-host-keys.jpg\" class=\"img-fluid\" alt=\"SSH host keys\" title=\"SSH host keys\">\n<h3 id=\"step-7-identifying-databases-exposed-to-the-internet\">Step 7: Identifying databases exposed to the Internet <a href=\"#step-7-identifying-databases-exposed-to-the-internet\"><i class=\"fa fa-fw fa-link text-light smallx95\"><\/i><\/a><\/h3>\n<p>Generally, databases should be accessible only to the applications that require access. They should never be accessible on a public IP. The same host exposes MariaDB version 10.5.15 on port 3306, which has <a href=\"https:\/\/mariadb.com\/kb\/en\/security\/\" target=\"_blank\">several associated security vulnerabilities<\/a>.<\/p>\n<img decoding=\"async\" src=\"https:\/\/www.runzero.com\/img\/posts\/external-scanning\/ip-ttl.jpg\" class=\"img-fluid\" alt=\"Identify databases exposed to the Internet\" title=\"Identify databases exposed to the Internet\">\n<div class=\"alert alert-warning\" bis_skin_checked=\"1\">\n<strong>Is runZero a vuln scanner?<\/strong><br><br>\nrunZero is an asset inventory and network discovery solution, not a vulnerability scanner, but its findings can sometimes point to security vulnerabilities.\n<\/div>\n<h3 id=\"step-8-looking-at-exposed-services\">Step 8: Looking at exposed services <a href=\"#step-8-looking-at-exposed-services\"><i class=\"fa fa-fw fa-link text-light smallx95\"><\/i><\/a><\/h3>\n<p>Let\u2019s move on to the <a href=\"https:\/\/console.runzero.com\/inventory\/services\" target=\"_blank\">Services Inventory<\/a> now. A great way to find unusual services exposed on an external IP is to sort the ports by high numbers first.<\/p>\n<img decoding=\"async\" src=\"https:\/\/www.runzero.com\/img\/posts\/external-scanning\/exposed-services.jpg\" class=\"img-fluid\" alt=\"Services Inventory\" title=\"Services Inventory\">\n<p>In this environment, we\u2019re seeing a Prometheus Node Exporter metrics server on port 9100, three IRC services, a mySQL\/MariaDB service, NFS on port 2049, and RSYNC on three different machines. These may all provide options to an attacker. For example, <a href=\"https:\/\/www.netspi.com\/blog\/technical\/network-penetration-testing\/linux-hacking-case-studies-part-1-rsync\/\" target=\"_blank\">insecurely configured Rsync servers are found<\/a> during network penetration tests about a third of the time.<\/p>\n<h3 id=\"step-9-browsing-web-service-screenshots\">Step 9: Browsing web service screenshots <a href=\"#step-9-browsing-web-service-screenshots\"><i class=\"fa fa-fw fa-link text-light smallx95\"><\/i><\/a><\/h3>\n<p>The <a href=\"https:\/\/console.runzero.com\/inventory\/screenshots\" target=\"_blank\">Screenshots Inventory<\/a> lists all screenshots taken from Web services. runZero uses the Google Chrome browser to render and screenshot any web pages. If you are using the cloud-hosted explorer as described above, you\u2019re all set. If you are hosting your own explorer, please ensure that you have Chrome installed on the same machine to enable this feature.<\/p>\n<img decoding=\"async\" src=\"https:\/\/www.runzero.com\/img\/posts\/external-scanning\/screenshots.jpg\" class=\"img-fluid\" alt=\"Screenshots Inventory\" title=\"Screenshots Inventory\">\n<p>Browsing through the screenshots is a great, visual way to inspect exposed websites. In our example, we\u2019re seeing Jitsi Meet and GitLab sites, which may be OK to host externally as long as they\u2019re updated and use strong authentication.<\/p>\n<h3 id=\"step-10-looking-at-software-inventory\">Step 10: Looking at software inventory <a href=\"#step-10-looking-at-software-inventory\"><i class=\"fa fa-fw fa-link text-light smallx95\"><\/i><\/a><\/h3>\n<p>runZero can also infer installed software if it can be deduced either from a network scan or an integration. runZero\u2019s <a href=\"https:\/\/console.runzero.com\/inventory\/software\" target=\"_blank\">Software Inventory<\/a> provides a great way to get insight into software installed on hosts that are reachable over the Internet.<\/p>\n<img decoding=\"async\" src=\"https:\/\/www.runzero.com\/img\/posts\/external-scanning\/software-inventory.png\" class=\"img-fluid\" alt=\"Software Inventory\" title=\"Software Inventory\">\n<p>A view that may be even better in understanding your product exposure is the <a href=\"https:\/\/console.runzero.com\/dashboard\/category\/products\" target=\"_blank\">Most seen products report<\/a> on the dashboard. To access the report, go to the Dashboard and look for the <strong>Most seen products<\/strong> card. After you find it, click <strong>View more<\/strong>.<\/p>\n<img decoding=\"async\" src=\"https:\/\/www.runzero.com\/img\/posts\/external-scanning\/most-products-seen.png\" class=\"img-fluid\" alt=\"Most Products Seen\" title=\"Most Products Seen\">\n<p>The results for least seen products are actually more interesting than the most seen ones because these show the long tail of the software inventory. If a piece of software is only installed once in your environment, it is less likely to be well configured and patched.<\/p>\n<h3 id=\"step-11-create-a-report-for-your-external-assets\">Step 11: Create a report for your external assets <a href=\"#step-11-create-a-report-for-your-external-assets\"><i class=\"fa fa-fw fa-link text-light smallx95\"><\/i><\/a><\/h3>\n<p>Now that you have discovered and analyzed all of your externally-facing assets, you can also generate a report for others to review. Go to Reports, find the <a href=\"https:\/\/console.runzero.com\/reports\/analysis\/external\" target=\"_blank\">External Assets Report<\/a>, and launch it.<\/p>\n<img decoding=\"async\" src=\"https:\/\/www.runzero.com\/img\/posts\/external-scanning\/external-assets-report.jpg\" class=\"img-fluid\" alt=\"External Assets Report configuration\" title=\"External Assets Report configuration\">\n<p>From the External Assets Report configuration screen, you can choose what you\u2019d like to include in the results. Additionally, if you need to view it regularly, you can set up a schedule and email it to yourself (and any other runZero user who wants a copy). Initialize the report when you\u2019ve finished configuring the settings. The generated report will display and show you the results. You can save the report as a PDF to easily share with others.<\/p>\n<img decoding=\"async\" src=\"https:\/\/www.runzero.com\/img\/posts\/external-scanning\/external-assets-report-pdf.jpg\" class=\"img-fluid\" alt=\"External Assets Report\" title=\"External Assets Report\">\n<h3 id=\"step-12-get-alerted-on-changes-to-your-external-asset-inventory\">Step 12: Get alerted on changes to your external asset inventory <a href=\"#step-12-get-alerted-on-changes-to-your-external-asset-inventory\"><i class=\"fa fa-fw fa-link text-light smallx95\"><\/i><\/a><\/h3>\n<p>If you work in enterprise security, you probably want to know about any changes to your external asset inventory. In this case, you should set up a Censys or Shodan import and run the hosted scan on a schedule. Then, you can set up alerts to trigger post-scan, so you know everything that has changed in your environment.<\/p>\n<p>In this example we\u2019ll use email as the method of communication. To set up an alert, go to <a href=\"https:\/\/console.runzero.com\/alerts\/channels\" target=\"_blank\">Alerts &gt; Channels<\/a> and click <strong>Create channel<\/strong>. Pick a name for your channel, select <strong>Email<\/strong> as <strong>Channel type<\/strong> and enter the email address you want to notify. Then click <strong>Save channel<\/strong>.<\/p>\n<img decoding=\"async\" src=\"https:\/\/www.runzero.com\/img\/posts\/external-scanning\/new-channel.png\" class=\"img-fluid\" alt=\"New channel\" title=\"New channel\">\n<p>Go <a href=\"https:\/\/console.runzero.com\/alerts\/rules\" target=\"_blank\">Alerts &gt; Rules<\/a>, and click <strong>Create rule<\/strong>. Select <strong>new-assets-found<\/strong> and click <strong>Configure rule<\/strong>.<\/p>\n<img decoding=\"async\" src=\"https:\/\/www.runzero.com\/img\/posts\/external-scanning\/new-rule-query.jpg\" class=\"img-fluid\" alt=\"Rule event\" title=\"Rule event\">\n<p>When the <strong>New rule configuration<\/strong> page appears, enter the following:<\/p>\n<ul>\n<li>Name:\n<ul>\n<li>A name for your rule.<\/li>\n<\/ul>\n<\/li>\n<li>Conditions:\n<ul>\n<li>Enter 0 to the right of is greater than. This will trigger the rule if there are any changes to assets.<\/li>\n<li>In Limit to organization, select an organization if you have several in your account. You may choose a different organization (or site) for your external point of view rather than your internal assets.<\/li>\n<\/ul>\n<\/li>\n<li>Action:\n<ul>\n<li>Choose the notification channel you just created.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<img decoding=\"async\" src=\"https:\/\/www.runzero.com\/img\/posts\/external-scanning\/new-rule.png\" class=\"img-fluid\" alt=\"New rule\" title=\"New rule\">\n<p>You\u2019ll now be notified after each import or scan if the assets have changed.<\/p>\n<h2 id=\"use-runzero-for-your-internal-asset-inventory\">Use runZero for your internal asset inventory <a href=\"#use-runzero-for-your-internal-asset-inventory\"><i class=\"fa fa-fw fa-link text-light smallx95\"><\/i><\/a><\/h2>\n<p>runZero is primarily made for discovering your internal asset inventory. As you can see, it can also be useful for understanding your externally-facing assets.<\/p>\n<p>As a next step, you should <a href=\"https:\/\/console.runzero.com\/organizations\/new\/\" target=\"_blank\">set up another organization<\/a> and to scan your internal network to get a better understanding of your asset inventory. You can <a href=\"https:\/\/www.runzero.com\/try\/signup\/\" target=\"_blank\">sign up for the free 21-day trial<\/a> of runZero Enterprise Edition (no credit card required). If you are a private user or work for a company with less than 256 assets, you can <a href=\"https:\/\/www.runzero.com\/product\/pricing\/\" target=\"_blank\">use runZero Starter Edition<\/a> for free.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-8085a61 post-content elementor-widget elementor-widget-shortcode\" data-id=\"8085a61\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"shortcode.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-shortcode\">\t\t<div data-elementor-type=\"page\" data-elementor-id=\"18103\" class=\"elementor elementor-18103\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-748947f elementor-section-full_width elementor-section-height-default elementor-section-height-default\" data-id=\"748947f\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;_id&quot;:&quot;c4f773e&quot;,&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-7995c19\" data-id=\"7995c19\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-a437045 elementor-widget elementor-widget-image-box\" data-id=\"a437045\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image-box.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-image-box-wrapper\"><div class=\"elementor-image-box-content\"><h3 class=\"elementor-image-box-title\">About Version 2 Digital<\/h3><p class=\"elementor-image-box-description\">Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.\n<br><br>\nThrough an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.<\/p><\/div><\/div>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t\n\t\t<div data-elementor-type=\"page\" data-elementor-id=\"55060\" class=\"elementor elementor-55060\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-6b25dc0d elementor-section-full_width elementor-section-height-default elementor-section-height-default\" data-id=\"6b25dc0d\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;_id&quot;:&quot;c4f773e&quot;,&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-3cc1b37d\" data-id=\"3cc1b37d\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-52c4a230 elementor-widget elementor-widget-text-editor\" data-id=\"52c4a230\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><strong>About runZero<\/strong><br \/>runZero, a network discovery and asset inventory solution, was founded in 2018 by HD Moore, the creator of Metasploit. HD envisioned a modern active discovery solution that could find and identify everything on a network\u2013without credentials. As a security researcher and penetration tester, he often employed benign ways to get information leaks and piece them together to build device profiles. Eventually, this work led him to leverage applied research and the discovery techniques developed for security and penetration testing to create runZero.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>While runZero is mostly used for asset inventory behind [&hellip;]<\/p>\n","protected":false},"author":143524195,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[488,976,61],"tags":[977,489],"class_list":["post-58074","post","type-post","status-publish","format-standard","hentry","category-488","category-runzero","category-press-release","tag-runzero","tag-489"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.5 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Scanning your external attack surface with runZero - Version 2<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.runzero.com\/blog\/external-scanning\/\" \/>\n<meta property=\"og:locale\" content=\"zh_HK\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Scanning your external attack surface with runZero - Version 2\" \/>\n<meta property=\"og:description\" content=\"While runZero is mostly used for asset inventory behind [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.runzero.com\/blog\/external-scanning\/\" \/>\n<meta property=\"og:site_name\" content=\"Version 2\" \/>\n<meta property=\"article:published_time\" content=\"2022-09-20T01:42:44+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-09-29T09:41:01+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.runzero.com\/img\/posts\/external-scanning\/asn-lookup.png\" \/>\n<meta name=\"author\" content=\"version2hk\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"\u4f5c\u8005\" \/>\n\t<meta name=\"twitter:data1\" content=\"version2hk\" \/>\n\t<meta name=\"twitter:label2\" content=\"\u9810\u8a08\u95b1\u8b80\u6642\u9593\" \/>\n\t<meta name=\"twitter:data2\" content=\"16 \u5206\u9418\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.runzero.com\\\/blog\\\/external-scanning\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/2022\\\/09\\\/scanning-your-external-attack-surface-with-runzero\\\/\"},\"author\":{\"name\":\"version2hk\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/person\\\/d14d2d3cd77ffdb618b9f1330fe084db\"},\"headline\":\"Scanning your external attack surface with runZero\",\"datePublished\":\"2022-09-20T01:42:44+00:00\",\"dateModified\":\"2022-09-29T09:41:01+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/2022\\\/09\\\/scanning-your-external-attack-surface-with-runzero\\\/\"},\"wordCount\":2124,\"publisher\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.runzero.com\\\/blog\\\/external-scanning\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.runzero.com\\\/img\\\/posts\\\/external-scanning\\\/asn-lookup.png\",\"keywords\":[\"runZero\",\"2022\"],\"articleSection\":[\"2022\",\"runZero\",\"Press Release\"],\"inLanguage\":\"zh-HK\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/version-2.com\\\/2022\\\/09\\\/scanning-your-external-attack-surface-with-runzero\\\/\",\"url\":\"https:\\\/\\\/www.runzero.com\\\/blog\\\/external-scanning\\\/\",\"name\":\"Scanning your external attack surface with runZero - Version 2\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.runzero.com\\\/blog\\\/external-scanning\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.runzero.com\\\/blog\\\/external-scanning\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.runzero.com\\\/img\\\/posts\\\/external-scanning\\\/asn-lookup.png\",\"datePublished\":\"2022-09-20T01:42:44+00:00\",\"dateModified\":\"2022-09-29T09:41:01+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.runzero.com\\\/blog\\\/external-scanning\\\/#breadcrumb\"},\"inLanguage\":\"zh-HK\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.runzero.com\\\/blog\\\/external-scanning\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-HK\",\"@id\":\"https:\\\/\\\/www.runzero.com\\\/blog\\\/external-scanning\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.runzero.com\\\/img\\\/posts\\\/external-scanning\\\/asn-lookup.png\",\"contentUrl\":\"https:\\\/\\\/www.runzero.com\\\/img\\\/posts\\\/external-scanning\\\/asn-lookup.png\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.runzero.com\\\/blog\\\/external-scanning\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"\u9996\u9801\",\"item\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Scanning your external attack surface with runZero\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#website\",\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\",\"name\":\"Version 2\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/version-2.com\\\/zh\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"zh-HK\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\",\"name\":\"Version 2\",\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-HK\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/version-2.com\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/version-2.com\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1\",\"width\":1795,\"height\":335,\"caption\":\"Version 2\"},\"image\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/person\\\/d14d2d3cd77ffdb618b9f1330fe084db\",\"name\":\"version2hk\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-HK\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g\",\"caption\":\"version2hk\"},\"sameAs\":[\"http:\\\/\\\/version2xfortcom.wordpress.com\"],\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/author\\\/version2hk\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Scanning your external attack surface with runZero - Version 2","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.runzero.com\/blog\/external-scanning\/","og_locale":"zh_HK","og_type":"article","og_title":"Scanning your external attack surface with runZero - Version 2","og_description":"While runZero is mostly used for asset inventory behind [&hellip;]","og_url":"https:\/\/www.runzero.com\/blog\/external-scanning\/","og_site_name":"Version 2","article_published_time":"2022-09-20T01:42:44+00:00","article_modified_time":"2022-09-29T09:41:01+00:00","og_image":[{"url":"https:\/\/www.runzero.com\/img\/posts\/external-scanning\/asn-lookup.png","type":"","width":"","height":""}],"author":"version2hk","twitter_card":"summary_large_image","twitter_misc":{"\u4f5c\u8005":"version2hk","\u9810\u8a08\u95b1\u8b80\u6642\u9593":"16 \u5206\u9418"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.runzero.com\/blog\/external-scanning\/#article","isPartOf":{"@id":"https:\/\/version-2.com\/2022\/09\/scanning-your-external-attack-surface-with-runzero\/"},"author":{"name":"version2hk","@id":"https:\/\/version-2.com\/zh\/#\/schema\/person\/d14d2d3cd77ffdb618b9f1330fe084db"},"headline":"Scanning your external attack surface with runZero","datePublished":"2022-09-20T01:42:44+00:00","dateModified":"2022-09-29T09:41:01+00:00","mainEntityOfPage":{"@id":"https:\/\/version-2.com\/2022\/09\/scanning-your-external-attack-surface-with-runzero\/"},"wordCount":2124,"publisher":{"@id":"https:\/\/version-2.com\/zh\/#organization"},"image":{"@id":"https:\/\/www.runzero.com\/blog\/external-scanning\/#primaryimage"},"thumbnailUrl":"https:\/\/www.runzero.com\/img\/posts\/external-scanning\/asn-lookup.png","keywords":["runZero","2022"],"articleSection":["2022","runZero","Press Release"],"inLanguage":"zh-HK"},{"@type":"WebPage","@id":"https:\/\/version-2.com\/2022\/09\/scanning-your-external-attack-surface-with-runzero\/","url":"https:\/\/www.runzero.com\/blog\/external-scanning\/","name":"Scanning your external attack surface with runZero - Version 2","isPartOf":{"@id":"https:\/\/version-2.com\/zh\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.runzero.com\/blog\/external-scanning\/#primaryimage"},"image":{"@id":"https:\/\/www.runzero.com\/blog\/external-scanning\/#primaryimage"},"thumbnailUrl":"https:\/\/www.runzero.com\/img\/posts\/external-scanning\/asn-lookup.png","datePublished":"2022-09-20T01:42:44+00:00","dateModified":"2022-09-29T09:41:01+00:00","breadcrumb":{"@id":"https:\/\/www.runzero.com\/blog\/external-scanning\/#breadcrumb"},"inLanguage":"zh-HK","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.runzero.com\/blog\/external-scanning\/"]}]},{"@type":"ImageObject","inLanguage":"zh-HK","@id":"https:\/\/www.runzero.com\/blog\/external-scanning\/#primaryimage","url":"https:\/\/www.runzero.com\/img\/posts\/external-scanning\/asn-lookup.png","contentUrl":"https:\/\/www.runzero.com\/img\/posts\/external-scanning\/asn-lookup.png"},{"@type":"BreadcrumbList","@id":"https:\/\/www.runzero.com\/blog\/external-scanning\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"\u9996\u9801","item":"https:\/\/version-2.com\/zh\/"},{"@type":"ListItem","position":2,"name":"Scanning your external attack surface with runZero"}]},{"@type":"WebSite","@id":"https:\/\/version-2.com\/zh\/#website","url":"https:\/\/version-2.com\/zh\/","name":"Version 2","description":"","publisher":{"@id":"https:\/\/version-2.com\/zh\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/version-2.com\/zh\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"zh-HK"},{"@type":"Organization","@id":"https:\/\/version-2.com\/zh\/#organization","name":"Version 2","url":"https:\/\/version-2.com\/zh\/","logo":{"@type":"ImageObject","inLanguage":"zh-HK","@id":"https:\/\/version-2.com\/zh\/#\/schema\/logo\/image\/","url":"https:\/\/i0.wp.com\/version-2.com\/wp-content\/uploads\/2020\/08\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1","contentUrl":"https:\/\/i0.wp.com\/version-2.com\/wp-content\/uploads\/2020\/08\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1","width":1795,"height":335,"caption":"Version 2"},"image":{"@id":"https:\/\/version-2.com\/zh\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/version-2.com\/zh\/#\/schema\/person\/d14d2d3cd77ffdb618b9f1330fe084db","name":"version2hk","image":{"@type":"ImageObject","inLanguage":"zh-HK","@id":"https:\/\/secure.gravatar.com\/avatar\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g","caption":"version2hk"},"sameAs":["http:\/\/version2xfortcom.wordpress.com"],"url":"https:\/\/version-2.com\/zh\/author\/version2hk\/"}]}},"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/pbQRKm-f6G","post_mailing_queue_ids":[],"_links":{"self":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts\/58074","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/users\/143524195"}],"replies":[{"embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/comments?post=58074"}],"version-history":[{"count":19,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts\/58074\/revisions"}],"predecessor-version":[{"id":58111,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts\/58074\/revisions\/58111"}],"wp:attachment":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/media?parent=58074"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/categories?post=58074"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/tags?post=58074"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}