What is Internet Scanner?
Internet Scanner provides automated security vulnerability detection and analysis for devices on a network. This policy-driven process measures and manages information security risk, allowing administrators to match security policy with rapidly changing demands for open networking applications and increasingly complex network environments.
This version of Internet Scanner runs on Microsoft Windows NT 4.0 Workstation or Microsoft Windows 2000 Professional.
Contents:
What’s New in Version 6.1
Command-line report enhancements
Common Vulnerabilities & Exposures (CVE) standard support
Database Scanner 4.0 penetration testing
Internet Scanner documentation installed with product
New Module View in the Policy Editor
New Raw Packet Driver
Operating system identification enhancements
Perimeter router check/Internal Network Common Setting
RealSecure OS Sensor integration with Active Alerting
SessionDelete utility
Vulnerability Catalog accessible from the main window’s Help menu
Vulnerability checks and product updates included from X-Press Updates 3.1, 3.2, 3.3, 3.4, 3.5, 3.6, 3.7, 3.8
Windows 2000 Professional support
Contents:
Minimum System Requirements
(For the most current Internet Scanner system requirements, check the Internet Scanner System Requirements Web page on the ISS Web site.)
In addition to these requirements, you should use a dedicated computer to run Internet Scanner. Not only will a dedicated computer maximize performance, but it also protects the computer and the data from unauthorized access.
International system requirements
We do not formally support scanning from localized versions of Windows NT 4.0 or Windows 2000. If you attempt to scan from these systems, report your results to support@iss.net.
The US English versions of Windows NT 4.0 and Windows 2000 support the display of other language groups (based on different codepages) shipped with those versions. (For example, the US version does not ship with character-based Asian languages or Arabic). If you are an international user, you can run US English Windows NT 4.0 or Windows 2000 as your OS and still run non-Unicode, non-ISS applications localized for your area.
(Language and codepage support details omitted.)
Windows NT 4.0 Workstation System Requirements
Processor: 200 MHz Pentium Pro (300 MHz Pentium recommended)
Operating System: Windows NT 4.0 Workstation (with Service Pack 6), preferably a dedicated system
Important: Internet Scanner is not supported on Windows NT 4.0 Server, Windows 2000 Server, or Windows 2000 Advanced Server.
RealSecure Integration: Windows 2000 Professional recommended
Other Software:
Microsoft Internet Explorer 4.x or later required to run HTML Help. (See the information about using Internet Explorer to run HTML Help.)
Adobe Acrobat Reader 4.x or later required to view the PDF files in the ..\Scanner6\Manuals folder.
Memory (RAM):
For regular scans: 80 MB
For large scans: 128 MB (256 MB recommended)
Hard Disk:
Installation from file: 180 MB
Installation from CD: 60 MB
Running: 55 MB plus 2.5 MB per 100 hosts
NTFS partition recommended
User privileges: Local or Domain Administrator
Network: Ethernet or Token Ring connected to an active network
Protocol: TCP/IP
MDAC 2.1 or later
Display: Monitor that supports 800x600 resolution with a minimum of 256 colors
Contents:
Additional Product Documentation
Viewing the User Guide or the Getting Started Guide
In addition to this help system, the latest Internet Scanner User Guide and Internet Scanner Getting Started Guide are installed with Internet Scanner and are available as PDF files from the ..\Scanner6\Manuals folder.
Using Adobe’s Acrobat Reader
To view PDF files, install the latest version of Acrobat Reader on your computer. Acrobat Reader is available at http://www.adobe.com/products/acrobat/readstep.html.
Contents:
Starting Internet Scanner
There are several ways to start Internet Scanner:
From the command line, type iss_winnt and press Enter to start the Internet Scanner graphical user interface (GUI).
From the command line, type iss_winnt, followed by command-line options. Internet Scanner runs from the command line. This choice is useful for very large networks or when you want to eliminate the added overhead of the user interface. (The benefit.)
Select Start > Programs > ISS > Internet Scanner 6.1 > Internet Scanner 6.1 to start the Internet Scanner graphical user interface (GUI). (The Start menu method.)
Use a scheduler to automatically initiate scans or generate reports at a specified date and time.
Contents:
Startup Window
Displays frequently used choices when you first start Internet Scanner.
To prevent this window from appearing at startup, select the Don’t show this dialog again check box.
To make this window appear at startup:
1. Open Registry Editor.
Warning: Using Registry Editor incorrectly may cause severe and irreparable damage and may require you to reinstall your operating system. Internet Security Systems cannot guarantee that problems resulting from the incorrect use of Registry Editor can be solved. Use Registry Editor at your own risk.
2. Go to the HKEY_LOCAL_MACHINE\SOFTWARE\ISS\Internet Scanner\6.1\General key.
3. Double-click the NoStartupDlg value to display the String Editor.
4. To enable the startup window, type Off and click OK.
Contents:
Entering IP addresses
You must enter host lists in the following combinations, where IP represents a dotted IP address:
IP,IP: two separate hosts
IP-IP: a range of hosts
IP-IP,IP: a range and a single host
IP-IP,IP-IP: two ranges
Any number of ranges and individual hosts may be combined. No spaces are permitted.
Spaces and # denote comments.
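A validator for the host-list syntax above, as an added example that is not part of the original help text or of Internet Scanner itself. It rejects spaces and malformed items, counts distinct hosts, and flags ranges outside an authorized scope before a scan is started. The function names, the sample list and the authorized network are constructed for illustration; the disk figure comes from the Hard Disk requirement on this page, with linear scaling assumed.

```python
import ipaddress

def parse_host_list(spec):
    """Parse 'IP' and 'IP-IP' items joined by commas into (first, last) pairs."""
    if not spec or any(ch.isspace() for ch in spec):
        raise ValueError("host list is empty or contains spaces")
    ranges = []
    for item in spec.split(","):
        parts = item.split("-")
        if len(parts) > 2 or not all(parts):
            raise ValueError(f"malformed item: {item!r}")
        try:
            first = ipaddress.IPv4Address(parts[0])
            last = ipaddress.IPv4Address(parts[-1])
        except ipaddress.AddressValueError as exc:
            raise ValueError(f"bad address in {item!r}: {exc}") from None
        if last < first:
            raise ValueError(f"range runs backwards: {item!r}")
        ranges.append((first, last))
    return ranges

def host_count(ranges):
    """Count distinct addresses, so overlapping ranges are not counted twice."""
    total, covered_to = 0, -1
    for first, last in sorted((int(a), int(b)) for a, b in ranges):
        start = max(first, covered_to + 1)
        if last >= start:
            total += last - start + 1
            covered_to = last
    return total

def out_of_scope(ranges, authorized_cidrs):
    """Return ranges not wholly inside one authorized network."""
    nets = [ipaddress.ip_network(c) for c in authorized_cidrs]
    return [(a, b) for a, b in ranges
            if not any(a in n and b in n for n in nets)]

def running_disk_mb(hosts):
    """Page's figure: 55 MB plus 2.5 MB per 100 hosts (linear scaling assumed)."""
    return 55 + 2.5 * hosts / 100

# Constructed sample input and scope, for illustration only.
SAMPLE = "192.168.1.1-192.168.1.50,192.168.1.40-192.168.1.60,10.0.0.5"
AUTHORIZED = ["192.168.1.0/24"]

if __name__ == "__main__":
    parsed = parse_host_list(SAMPLE)
    n = host_count(parsed)
    print(n, "hosts,", running_disk_mb(n), "MB while running")
    for a, b in out_of_scope(parsed, AUTHORIZED):
        print("outside authorized scope:", a, "-", b)
```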
Key points:
1. Common settings for policies in the Policy Editor:
Common Settings
The Common Settings folder contains global settings that can be enabled for a policy. Some of these settings may apply to a group of vulnerability checks, decreasing the amount of time needed to enable all the checks that use the setting.
Configuring the common settings:
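1. Brute Force Lists
Miscellaneous Default
VAX/VMS Defaults (VAX/VMS: Virtual Address eXtension / Virtual Memory System)
UNIX Linux NIS (NIS: Network Information Service)
Use Default Login File (default.login)
2. Brute Force Options
This common setting attempts password checks on names derived from Finger or NetBIOS checks.
Three modes: A. the name reversed as the password; B. the real name as the password; C. the account name as the password.
3. E-Mail Options: the recipient of the e-mail sent when a vulnerability is found.
4. Host Pinger
Two settings: A. number of pings per scan; B. interval between pings (in milliseconds).
5. HTTP Ports: A. HTTP ports (default: 80 and 8080); B. secure HTTP port (443).
6. Internal Network: A. IP Addresses (format: xx-yy,zz,bb-cc); B. Include Key IP Range(s); C. Domains; D. Use Whois; E. Whois Server (whois is a database of who is where).
7. IP Spoofing: A. Spoof Lists (Don’t use source); B. Spoof Source (IP address); C. Spoof User (default: ROOT), the user name used for the spoofing test.
8. NFS Depth: the depth of subdirectories.
9. NT Logon Sessions
10. Phase Limit: the number of phases used for stealth scanning; as I understand it, the larger the phase value, the better.
11. RWhod Message: sends a message to the background mail program; if the host is vulnerable, ps (the process status command) displays the message.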
12. SMTP Session
This common setting manages all active connections to SMTP servers running on any target hosts.
A. Connection timeout (in seconds)
B. Reuse connections: Reuse the same SMTP connections when performing multiple security checks.
13. SNMP Community File
Filename: The name of a file that contains additional names to use when accessing the community name. Default: community.snmp
14. SOCKS Host
SOCKS Target Host: Set the target host to the IP address of a host on the other side of the SOCKS server. The host you specify should be running at least one FTP, telnet, SMTP, HTTP, POP3, or finger service.
Note: For this setting to function properly, you must enter an IP address in the box provided. If you do not have an actual SOCKS host, use the IP address 127.0.0.1 rather than leaving the box blank.
15. TCP Scan
A. Source Port: Set the port to use as the source during a port scan. Note: If you set the source port to 0, your operating system will specify the source port.
B. Enable Hard Close: Close all active connections to a port after you have received information about the service running on that port. To check the state and the status of an active connection to a port, open a command prompt and type netstat -a.
C. Hard Close Port Range: The port or port range Internet Scanner uses to close any active connections to ports that you have received service information about.
16. Telnet Banners
Grab Banners: Determines if a telnet server generates banner data in response to a request. Internet Scanner uses this method to determine operating system type.
17. UDP Port Scanner
This common setting controls how the UDP port scanner probes each target host.
Internet Scanner sends a collection of UDP packets to each UDP port to check if it is active, and then listens for a response. The type of response (or the lack of a particular type of response) indicates if the port is active.
When Internet Scanner performs a UDP port scan, it can generate large amounts of network traffic, which can flood networks with low bandwidth or throughput. To minimize this risk, Internet Scanner lets you tune your scans to meet your individual network needs.
As the UDP port scanner uses the UDP and ICMP protocols, which are classified as unreliable protocols, results can vary between scans. To improve the accuracy of the scan, Internet Scanner lets you tune the scan to provide a higher degree of accuracy.
A. Number of probes per scan (default: 10)
B. Interval between probes (in seconds) (default: 5 seconds)
18. Walk MIB (MIB: Management Information Base)
FlexChecks
A FlexCheck is a user-defined check that has been created to scan specific network environments for vulnerabilities or other conditions.