Re: Port Scanning.

From: Delron Troy (delrontroy_at_lineone.net)
Date: 12/13/04

    Date: Mon, 13 Dec 2004 20:37:57 +0000
    To: pen-test@securityfocus.com
    
    

    Hi Faisal,

    It's always good practice to run scans from different locations on the
    Internet, using machines (that you LEGALLY have access to) that are not
    on the same subnet or ISP. Doing this will verify your results and show
    information about parts of your client's packet-filtering scheme that
    may be based on source address. If any of the machines you are using are
    connected to an ISP that's got egress filtering enabled, it will show up
    when you compare results. More reliable information about your client is
    obtained when your scanning machines are not NATed.

    When it comes to tools, I always start with Nmap, but others can be
    useful, again to verify results and obtain more detailed information,
    like PoF. Specific service scanners can be very informative, like IKEScan.

    SOCKS5 supports UDP as well as TCP, so a limited scan can be made
    through trusted SOCKS servers.

    Cheers
     

    Faisal Khan wrote:

    >
    >
    > What's a good industry practise whilst doing port-scanning during a
    > pen-test.
    >
    > Do you rely on the results of a single vendor's software or do you use
    > multiple softwares?
    >
    > Also, with each OEM/vendor - do you scan once or twice?
    >
    > I need to do a scan on a Class C Address if that matters in any way.
    >
    > Faisal
    >
    >
    >
    > Faisal Khan, CEO
    > Net Access Communication
    > Systems (Private) Limited
    > ________________________________
    >
    > Network Security - Secure Web Hosting
    > Managed Internet Services - Secure Email
    > Dedicated Servers - Reseller Hosting
    >
    > Visit www.netxs.com.pk for more information.
    >
    >
    >
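The comparison step described in the reply above, as an added example that is not part of the original post: it reads Nmap grepable (`-oG`) output collected from several vantage points and lists the ports whose reported state depends on where the scan came from. The vantage names, the target address (RFC 5737 documentation range) and the sample lines are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample data: one -oG result line per vantage point, same target.
SCANS = {
    "vantage-a": "Host: 192.0.2.10 ()\tPorts: 22/open/tcp//ssh///, "
                 "80/open/tcp//http///\tIgnored State: closed (998)",
    "vantage-b": "Host: 192.0.2.10 ()\tPorts: 22/filtered/tcp//ssh///, "
                 "80/open/tcp//http///\tIgnored State: closed (998)",
    "vantage-c": "Host: 192.0.2.10 ()\tPorts: 22/filtered/tcp//ssh///, "
                 "25/filtered/tcp//smtp///, 80/open/tcp//http///"
                 "\tIgnored State: closed (997)",
}

def parse_grepable(text):
    """Return {(host, port, proto): state} from Nmap -oG output."""
    results = {}
    for line in text.splitlines():
        if not line.startswith("Host:") or "Ports:" not in line:
            continue
        host = line.split()[1]
        # The Ports field ends at the next tab-separated field.
        ports = line.split("Ports:", 1)[1].split("\t")[0]
        for entry in ports.split(","):
            fields = entry.strip().split("/")
            if len(fields) >= 3 and fields[0].isdigit():
                results[(host, int(fields[0]), fields[2])] = fields[1]
    return results

def compare_vantages(scans):
    """Return {(host, port, proto): {vantage: state}} where states disagree."""
    seen = defaultdict(dict)
    for vantage, text in scans.items():
        for key, state in parse_grepable(text).items():
            seen[key][vantage] = state
    diffs = {}
    for key, states in seen.items():
        # Ports folded into "Ignored State" are not listed individually.
        full = {v: states.get(v, "not-listed") for v in scans}
        if len(set(full.values())) > 1:
            diffs[key] = full
    return diffs

if __name__ == "__main__":
    for (host, port, proto), states in sorted(compare_vantages(SCANS).items()):
        print(f"{host} {port}/{proto}: {states}")
```

In the constructed data, 22/tcp is open from one vantage and filtered from the other two, which is what a source-address rule at the target looks like; 25/tcp is filtered from a single vantage only, which is what egress filtering at that vantage's ISP looks like.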

