Re: Questions: nmap, nessus unreliability, setting up a packet capture box, using Impacket

From: Don Parker (dparker_at_rigelksecurity.com)
Date: 04/22/04

  • Next message: Amit Deshmukh: "RE: Bank Assessment"
    Date: Thu, 22 Apr 2004 16:42:49 -0400 (EDT)
    To: Paul Johnston <paul@westpoint.ltd.uk>, pen-test@securityfocus.com
    
    

    Hi Paul, well yes I have found nmap to be buggy at times myself. I have not really used
    nessus all that much so I can't comment on it. What I would suggest you use is either
    hping or nemesis for your packet crafting needs. They both offer a fine level of
    granularity when building a specific packet. Though to make the most of those tools you
    need to have some TCP/IP knowledge. The more in-depth the better. As to your question #2,
    can you be a bit more verbose as to exactly what it is you're trying to do, i.e. is this a
    flat network, segmented, do you want to get absolutely everything or only certain types
    of packets...

    Cheers,

    Don

    -------------------------------------------
    Don Parker, GCIA
    Intrusion Detection Specialist
    Rigel Kent Security & Advisory Services Inc
    www.rigelksecurity.com
    ph :613.249.8340
    fax:613.249.8319
    --------------------------------------------

    On Apr 22, Paul Johnston <paul@westpoint.ltd.uk> wrote:

    Hi,

    1) How reliable have people here found nmap and nessus to be? I have
    encountered (rare) cases of nmap not finding ports, and also of nessus
    not identifying ports during the find_service stage. We hear a lot about
    false positives, but it's much harder to notice false negatives.
    Anything that can be done about this?

    2) I'm looking at setting up a box to capture all traffic on our
    scanning network. Does anyone have thoughts on doing this, based on
    their operational experiences?

    3) Using Core Impact's Impacket library, how can you get it to calculate
    UDP or TCP checksums correctly? No matter what I do they won't come out
    right. It works fine for ICMP. While I'm on the subject, what do people
    use for raw packet libraries? I really like scapy for interactive use,
    but it seems a bit heavyweight for use in scripts.

    Regards,

    Paul

    -- 
    Paul Johnston
    Internet Security Specialist
    Westpoint Limited
    Albion Wharf, 19 Albion Street,
    Manchester, M1 5LN
    England
    Tel: +44 (0)161 237 1028
    Fax: +44 (0)161 237 1031
    email: paul@westpoint.ltd.uk
    web: www.westpoint.ltd.uk
    ------------------------------------------------------------------------------
    Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
    any course! All of our class sizes are guaranteed to be 10 students or less
    to facilitate one-on-one interaction with one of our expert instructors.
    Attend a course taught by an expert instructor with years of in-the-field
    pen testing experience in our state of the art hacking lab. Master the skills
    of an Ethical Hacker to better assess the security of your organization.
    Visit us at:
    http://www.infosecinstitute.com/courses/ethical_hacking_training.html
    -------------------------------------------------------------------------------
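On point 3 of the quoted questions: TCP and UDP checksums are computed over an IPv4 pseudo-header (source and destination address, a zero byte, the protocol number and the transport length) prepended to the segment, whereas ICMP's checksum covers only the ICMP message, so a routine that is correct for ICMP quietly yields wrong TCP/UDP values if the pseudo-header is left out. The following pure-Python implementation is an added example, not code from this thread or from Impacket; the addresses, ports and payloads are constructed samples.

```python
"""IPv4 transport checksums (RFC 768 UDP, RFC 793 TCP), pseudo-header included."""
import socket
import struct

IPPROTO_TCP = 6
IPPROTO_UDP = 17


def ones_complement_checksum(data: bytes) -> int:
    """RFC 1071: 16-bit one's-complement sum with end-around carry, inverted."""
    if len(data) % 2:
        data += b"\x00"  # an odd trailing byte is padded with a zero byte
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF

def pseudo_header(src_ip: str, dst_ip: str, proto: int, length: int) -> bytes:
    """The 12 bytes TCP and UDP checksums cover in addition to the segment
    itself; ICMP has no equivalent, which is why ICMP 'just works'."""
    return (socket.inet_aton(src_ip) + socket.inet_aton(dst_ip)
            + struct.pack("!BBH", 0, proto, length))

def transport_checksum(src_ip: str, dst_ip: str, proto: int, segment: bytes) -> int:
    """Checksum of a segment whose own checksum field is currently zero."""
    csum = ones_complement_checksum(
        pseudo_header(src_ip, dst_ip, proto, len(segment)) + segment)
    if proto == IPPROTO_UDP and csum == 0:
        csum = 0xFFFF  # RFC 768: zero means 'no checksum', so all-ones is sent
    return csum

def fill_checksum(src_ip: str, dst_ip: str, proto: int, segment: bytes) -> bytes:
    """Return the segment with its checksum field set (offset 6 in UDP, 16 in TCP)."""
    off = 6 if proto == IPPROTO_UDP else 16
    zeroed = segment[:off] + b"\x00\x00" + segment[off + 2:]
    csum = transport_checksum(src_ip, dst_ip, proto, zeroed)
    return zeroed[:off] + struct.pack("!H", csum) + zeroed[off + 2:]

def verify_transport(src_ip: str, dst_ip: str, proto: int, segment: bytes) -> bool:
    """Receiver-side check: summing over the filled-in checksum field gives zero."""
    return ones_complement_checksum(
        pseudo_header(src_ip, dst_ip, proto, len(segment)) + segment) == 0

# Constructed samples, 10.0.0.1 -> 10.0.0.2: a 4-byte UDP datagram and a bare TCP SYN.
UDP_SAMPLE = fill_checksum("10.0.0.1", "10.0.0.2", IPPROTO_UDP,
                           struct.pack("!HHHH", 1234, 53, 12, 0) + b"test")
TCP_SYN_SAMPLE = fill_checksum("10.0.0.1", "10.0.0.2", IPPROTO_TCP,
                               struct.pack("!HHIIBBHHH", 1234, 80, 1, 0, 5 << 4, 0x02, 8192, 0, 0))
```

Summing the UDP bytes alone (no pseudo-header) gives a different, wrong value for the same datagram, which is the symptom described in the question; a capture tool such as tcpdump or Wireshark with checksum validation enabled shows the same mismatch on the wire.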
