The reason I ask is that sometimes, I get request for ad-hoc scan of web sites located in DMZ and many TCP/UDP ports seems to be blocked there by default. So, I need to know which ports to ask to be opened.
Typically WAS is going to focus on the ports indicated in the Application definition. So this would either be 443 or port 80 by default i.e. (http or https) but if you needed to scan on another port say 8443 then in the WAS scan you could configure the URL such as:
HTTPS://WWW.MYSITE.COM:8443 OR HTTP://WWW.MYSITE.COM:8443
This would force the port.
If your trying to find out what ports are open for Web Service you might try just a light nmap or qualys port scan. You can do a scan with Qualys using the QIDs for UDP/TCP Services and hit all ports to see if there is something with a web service hiding on another port.
Please let me know if you have questions, David
Retrieving data ...