Re: Port Scanning

4secure_at_web.de
Date: 12/15/04

  • Next message: Dan Tesch: "Re: Class on Security Tools"
    Date: Wed, 15 Dec 2004 11:37:11 +0200
    To: pen-test@securityfocus.com
    
    

    Beside the available bandwidth it is to be necessary to thoughts over the number of maximum session.

    With an extensive port scan it can come otherwise to unpleasant surprises:

    1.) network equipment (e.g. firewall) on the side of the tester blocks the scan, if no more sessions can be administered.

    2.) network equipment on the test side cannot accept far more sessions.

    The consequence is: The tester receives wrong results and/or the internet access of one or both sides will be blocked by the scan.

    If such a thing happens, it has the same effect, as DoS attack.

    The more slowly a scan is accomplished, the smaller is the danger that it comes to disturbances.
    This applies also if not the complete port range is examined (fewer sessions).
    With a slow Scan the results are more exact.
    With attainable systems one should examine however the complete port range.

    One can optimize the local side quite well, so that it dose not come to session problems with a fast and extensive scan. With the remote side the situation looks however differently.

    - Istvan
    __________________________________________________________
    Mit WEB.DE FreePhone mit hoechster Qualitaet ab 0 Ct./Min.
    weltweit telefonieren! http://freephone.web.de/?mc=021201


  • Next message: Dan Tesch: "Re: Class on Security Tools"