This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Announcements
New SecOps Webinar May 14th! Learn about Gemini's generative AI within Google SecOps
Log in to ask a question

New Scan Range to Allowlist

Posted on 04-05-2024 09:09 AM
lexrzasa1
Staff
Reply posted on --/--/---- --:-- AM

For the best results using Mandiant Attack Surface Management,  add the following IP addresses to your allowlists:

  • 34.68.34.64/27
  • 8.34.210.32/27

Visit the documentation for information on the Mandiant ASM scan rages.


 

 

Solved Solved
4 5 2,518
Topic Labels
Jump to Solution
2 ACCEPTED SOLUTIONS

Posted on --/--/---- --:-- AM
hzmndt
Staff
Reply posted on --/--/---- --:-- AM

Scan activity will source from these IP addresses:

  • 34.19.127.192/28
  • 34.19.116.48/28
  • 34.19.127.208/28
  • 34.19.127.176/28
  • 34.68.34.64/27
  • 8.34.210.32/27

View solution in original post

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
Rob_P
Staff
Reply posted on --/--/---- --:-- AM

Hello @mkm - 

We do strongly suggest that your team sets those IP ranges to be allowed to scan your external perimeter devices.   Depending on the technologies being scanned, many of them allow for a list of known/authorized internet scanners.  Please note this is not an allow list which grants them access to any internal systems, this is allow listing permits those external ranges to scan the devices, and to not cause any interference with the scanners, such as dropping the connections, or blocking them if the perimeter devices believes its Malicious scanning. 

For more information, please see the below link: 
https://docs.mandiant.com/home/asm-opt-out-of-scanning

Please also note the Scan Ranges have been updated since the original post, please see this updated list:
https://docs.mandiant.com/home/asm-scan-ranges#scan-ranges

 

View solution in original post

Jump to Solution
5 REPLIES 5

Posted on --/--/---- --:-- AM
hzmndt
Staff
Reply posted on --/--/---- --:-- AM

Scan activity will source from these IP addresses:

  • 34.19.127.192/28
  • 34.19.116.48/28
  • 34.19.127.208/28
  • 34.19.127.176/28
  • 34.68.34.64/27
  • 8.34.210.32/27
Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
mkm
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM

Hello, 

Is it a prerequisite to allow this ip addresses, on end user infra, for ASM collection can collect informations ?

Thank You

Thank You

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
Rob_P
Staff
Reply posted on --/--/---- --:-- AM

Hello @mkm - 

We do strongly suggest that your team sets those IP ranges to be allowed to scan your external perimeter devices.   Depending on the technologies being scanned, many of them allow for a list of known/authorized internet scanners.  Please note this is not an allow list which grants them access to any internal systems, this is allow listing permits those external ranges to scan the devices, and to not cause any interference with the scanners, such as dropping the connections, or blocking them if the perimeter devices believes its Malicious scanning. 

For more information, please see the below link: 
https://docs.mandiant.com/home/asm-opt-out-of-scanning

Please also note the Scan Ranges have been updated since the original post, please see this updated list:
https://docs.mandiant.com/home/asm-scan-ranges#scan-ranges

 

Jump to Solution

Posted on --/--/---- --:-- AM
hzmndt
Staff
Reply posted on --/--/---- --:-- AM

Assume GTI-ASM using the same scan range, the page 
https://gtidocs.virustotal.com/docs/asm-scan-ranges
not yet updated with the latest scan IP list 

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
hzmndt
Staff
Reply posted on --/--/---- --:-- AM

Latest scan range:

  • 34.19.127.192/28
  • 34.19.116.48/28
  • 34.19.127.208/28
  • 34.19.127.176/27
  • 34.68.34.64/27
  • 8.34.210.32/27
  • 3.14.73.254
  • 3.14.82.245
  • 3.14.84.197
  • 3.14.86.234
  • 3.15.169.123
  • 3.15.179.241
  • 3.15.180.31
  • 3.16.148.58
  • 3.16.213.130
  • 3.17.72.122
  • 3.17.73.23
  • 3.17.206.73
  • 3.17.207.148
  • 3.18.101.236
  • 3.18.108.78
  • 3.19.14.190
  • 3.19.14.223
  • 3.19.223.104
  • 3.19.240.76
  • 3.21.171.90
  • 3.22.234.7
  • 3.23.59.18
  • 3.23.104.96
  • 3.129.92.250
  • 3.133.84.157
  • 3.134.93.22
  • 3.134.100.58
  • 3.134.101.147
  • 3.137.136.201
  • 3.137.141.123
  • 3.137.146.232
  • 3.137.148.99
  • 3.137.151.234
  • 3.138.190.72
  • 3.139.58.65
  • 3.141.153.201
  • 3.141.168.125
  • 3.142.97.232
  • 3.142.219.55
  • 3.144.44.57
  • 3.144.77.222
  • 3.144.120.14
  • 3.144.120.21
  • 3.144.192.36
  • 3.144.236.65
  • 3.144.239.16
  • 3.144.245.141
  • 13.58.84.198
  • 13.58.114.74
  • 13.58.203.73
  • 13.59.16.128
  • 13.59.59.233
  • 13.59.120.77
  • 13.59.132.170
  • 13.59.242.100
  • 18.116.202.164
  • 18.116.239.38
  • 18.117.109.14
  • 18.117.218.107
  • 18.118.100.31
  • 18.118.107.228
  • 18.119.11.223
  • 18.119.13.69
  • 18.188.53.152
  • 18.188.134.51
  • 18.188.229.2
  • 18.189.28.87
  • 18.190.152.179
  • 18.191.16.102
  • 18.191.69.170
  • 18.191.84.177
  • 18.191.173.38
  • 18.191.255.164
  • 18.217.102.23
  • 18.217.128.63
  • 18.218.94.172
  • 18.218.168.5
  • 18.218.230.153
  • 18.219.11.104
  • 18.219.37.54
  • 18.219.47.173
  • 18.219.56.153
  • 18.219.157.186
  • 18.219.193.156
  • 18.220.248.172
  • 18.221.18.194
  • 18.221.100.43
  • 18.221.180.165
  • 18.221.214.151
  • 18.222.192.238
  • 18.222.201.82
  • 18.222.255.237
  • 18.223.2.197
  • 18.224.39.133
  • 18.224.93.149
  • 18.224.184.103
  • 18.225.7.162
  • 52.14.202.153
  • 52.15.76.227
  • 52.15.78.25
Jump to Solution
0 Likes