Re: [fw-wiz] scanning...

From: Julian M D (julianmd_at_gmail.com)
Date: 11/03/05

  • Next message: Brian Loe: "Re: [fw-wiz] PIX Dual line Internet HDSL and ADSL"
    To: Brian Loe <knobdy@gmail.com>
    Date: Thu, 3 Nov 2005 10:18:49 -0500
    
    

    cannot export the map to visio nor print the map

    On 11/3/05, Brian Loe <knobdy@gmail.com> wrote:
    >
    > Awesome, if it works this might be the answer! Now we'll just have to see
    > what the limitations of the trial version are.
    >
    > On 11/2/05, Julian M D < julianmd@gmail.com> wrote:
    > >
    > > I feel your pain, I'm exactly in the same situation. Here's what helped
    > > me get the big picture!
    > > http://www.neon.com/map.shtml
    > >
    > > On 11/2/05, Hile.William@epamail.epa.gov <Hile.William@epamail.epa.gov >
    > > wrote:
    > > >
    > > >
    > > > NMAP would be an excellent tool... you can put in the IP range or
    > > > subnet with that... As far as traversing firewalls... it will only report
    > > > what ports are allowed through the firewall for each host... so you are
    > > > firewall ruleset dependant so it may not give you complete results for a
    > > > host on the other side of a firewall... It will report as an example port 80
    > > > is allowed through and httpd is running on the host in question so it will
    > > > report that service but smptd is also running on the server however its not
    > > > allowed through the firewall from you so you will not know its listening
    > > > because you cant see the port... so you are basically bound to your firewall
    > > > rule set there could be servers beyond your firewall that are up and
    > > > functional but that you do not have access to any of the services running on
    > > > them so from your perspective they will essentially be down.
    > > >
    > > >
    > > >
    > > > William
    > > >
    > > >
    > > >
    > > > *Brian Loe <knobdy@gmail.com>*
    > > >
    > > > 11/02/2005 02:31 PM
    > > > To
    > > > William Hile/RTP/USEPA/US@EPA cc
    > > > firewall-wizards@honor.icsalabs.com,
    > > > firewall-wizards-admin@honor.icsalabs.com Subject
    > > > Re: [fw-wiz] scanning...
    > > >
    > > >
    > > >
    > > >
    > > >
    > > >
    > > >
    > > > I was going to mention nmap - which I wouldn't mind using in this
    > > > effort at all. The question is, will it traverse the firewalls?
    > > >
    > > > Isn't there a "true" management network operation you can use on Cisco
    > > > boxes that work as a "private VLAN" and be passed via most any device - even
    > > > a PIX (and they think they're a part of VLAN 1 or whatever, right?)? Words
    > > > in "s are there for a lack of better ones, or my lack of understanding.
    > > >
    > > > On 11/2/05, *Hile.William@epamail.epa.gov *<Hile.William@epamail.epa.gov>
    > > > <* Hile.William@epamail.epa.gov * <Hile.William@epamail.epa.gov>>
    > > > wrote:
    > > >
    > > > Brian,
    > > > I think I would approach this from a ummm hacker mentatility... I know
    > > > a little info and I need to gain all the information I can.. I think I would
    > > > probably start with something simple like angry IP scanner and input the
    > > > subnet (of course make sure you have permission to scan the network) and go
    > > > from there. There are tons of free tools out there that can ip walk and OS
    > > > guess but just make sure you have full permission to make you scans before
    > > > doing so. humm seems that whatsup gold (there's a free trial out there) will
    > > > do network discovery and even seems that it will do so via whatever port you
    > > > choose... Its been awhile since i used it... and I know it will monitor your
    > > > server/workstations via whatever port but I cant remember how it does net
    > > > discovery... And if you have free reign of the network use this as a
    > > > learning exp and try out several ways to do what you are trying to
    > > > accomplish... and see which one is better and or produces the most output...
    > > >
    > > >
    > > > I wish you luck
    > > >
    > > > Let me know how things turn out.....
    > > >
    > > > William
    > > >
    > > >
    > > > *Brian Loe <* *knobdy@gmail.com* <knobdy@gmail.com>*>*
    > > > Sent by: *firewall-wizards-admin@honor.icsalabs.com*<firewall-wizards-admin@honor.icsalabs.com>
    > > >
    > > > 11/02/2005 09:22 AM
    > > >
    > > > To
    > > > *firewall-wizards@honor.icsalabs.com *<firewall-wizards@honor.icsalabs.com>
    > > > cc
    > > >
    > > > Subject
    > > > [fw-wiz] scanning...
    > > >
    > > >
    > > >
    > > >
    > > >
    > > >
    > > >
    > > >
    > > >
    > > > Let me ask all of you a fairly generic question that should garner
    > > > lots of different ideas. Let us say that you have gone to work for a
    > > > new company as a network admin. It is a fairly complex network with
    > > > multiple routers, switches and firewalls (a firewall for every router,
    > > > let's say). The current network team has no formal training and have
    > > > done all of their learning on the job, following a contracting company
    > > > who was paid to initially setup the network.
    > > >
    > > > Okay, so how would you go about mapping out this network? You don't
    > > > have the understanding of devices by name yet, and each device is
    > > > likely to have 20 interfaces on it, with 20 IPs for 20 networks! You
    > > > live on a "management network", but it's only "management" because
    > > > it's a subnet which has been given telnet access to all of the devices
    > > >
    > > > on the network - in other words, scanning with your usual tool (LAN
    > > > MapShot from Fluke - in my case, because it CAN start a pretty good
    > > > network diagram directly in Visio) from your "management" network
    > > > won't show you anything than it will from any other subnet.
    > > >
    > > > Follow what I mean? Ideas? Pretend the network is yours and you're
    > > > free to change anything you want - where would you start?
    > > > _______________________________________________
    > > > firewall-wizards mailing list *
    > > > **firewall-wizards@honor.icsalabs.com*<firewall-wizards@honor.icsalabs.com>
    > > > *
    > > > **http://honor.icsalabs.com/mailman/listinfo/firewall-wizards*>
    > > >
    > > >
    > > >
    > >
    >

    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards


  • Next message: Brian Loe: "Re: [fw-wiz] PIX Dual line Internet HDSL and ADSL"

    Relevant Pages

    • RE: generating a network map
      ... This has all changed significantly since Microsoft acquired Visio. ... Enterprise to map statewide WANs of over 1700 networks, ... Subject: generating a network map ... Visio Enterprise will also generate network maps. ...
      (Pen-Test)
    • Re: Plot Shapes on World Map based on Long and Lat.
      ... MS MapPoint also comes with an ActiveX control which could be embedded into a Visio page, and then you can create Visio shapes over the top of the map via a custom program. ... I need to come up with some sort of global map that has Lat and Long ... Each country will be a shape. ...
      (microsoft.public.visio.general)
    • Re: Visio 200x Export (jpg, gif, bmp, etc)
      ... Was für eine Map? ... Meinst Du ein Visio Diagramm? ... "Helmut Schneider" schrieb im Newsbeitrag ...
      (microsoft.public.de.german.visio)
    • Re: Visio: Geographic Stencils
      ... Visio includes quite a few map shapes, which have the ability to position ... > "Region" or "Jurisdiction" much more easily with geographic map stencils. ...
      (microsoft.public.visio.developer)
    • Re: Germany shape/mappoint
      ... We tried to search on different search engines ... vinden.nl) on combination with Visio, VSS, Stencil, Germany and map. ...
      (microsoft.public.de.german.visio)