Re: Scanning Class A network
From: David Eduardo Acosta Rodríguez (david.acosta_at_internet-solutions.com.co)
Date: 10/24/05
- Previous message: barcajax_at_gmail.com: "Re: Scanning Class A network"
- In reply to: tarunthenut_at_gmail.com: "Scanning Class A network"
- Next in thread: Jarmon, Don R: "RE: Scanning Class A network"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: <tarunthenut@gmail.com>, <pen-test@securityfocus.com> Date: Mon, 24 Oct 2005 12:47:21 -0500
Hi:
Check this: http://www.unicornscan.org/main.html. Unicornscan is meant for
testing extremely large networks, and will take CIDR notation as target
input. To scan a single IP you would specify 192.168.1.1/32. For a "class
B" sized network, you would specify 172.16.0.0/16, etc.
"Unicornscan is an attempt at a User-land Distributed TCP/IP stack. It is
intended to provide a researcher a superior interface for introducing a
stimulus into and measuring a response from a TCP/IP enabled device or
network. Although it currently has hundreds of individual features, a main
set of abilities include:
a.. Asynchronous stateless TCP scanning with all variations of TCP Flags.
b.. Asynchronous stateless TCP banner grabbing
c.. Asynchronous protocol specific UDP Scanning (sending enough of a
signature to elicit a response).
d.. Active and Passive remote OS, application, and component
identification by analyzing responses.
e.. PCAP file logging and filtering
f.. Relational database output
g.. Custom module support
h.. Customized data-set views "
Unicornscan can be used as a very fast, very scalable port scanner. It uses
CPU specific instructions to track the packets per second you specify as
closely as possible. From a single Pentium system, it is typical to be able
to generate up to 160,000 pps or more. The pps limit will scale with your
architecture accordingly. This single system pps limit is an artificial
limit however as we have also built in an InterProcess Communications (IPC)
channel to allow for scaling between
multiples of scanners working together. Because of the great speed and pps
generation potential, an increased sophistication will be required to
properly harness the power of Unicornscan.
Estaré atento a cualquier duda, comentario o inquietud adicional.
Cordial saludo,
Ing. David E. Acosta R.
Security Consultant - CISSP
Internet Solutions Colombia
"The Information Security Experts"
http://www.internet-solutions.com.co
david.acosta@internet-solutions.com.co
Phone (movil): (57) 3108810829 - (57) 300)2089961
Phone (office): + 571 3120910 ext 17
Fax (office): +571 3120577
CONFIDENCIAL. La información contenida en este e-mail y cualquier archivo
anexo es confidencial y sólo puede ser utilizada por el individuo o la
compañía a la cual está dirigido. Si no es usted el destinatario
autorizado, cualquier retención, difusión, distribución o copia de este
mensaje está prohibida y es sancionada por la ley. Si por error recibe este
mensaje, le ofrecemos disculpas y le agradecemos reenviar el mensaje al
emisor original y eliminarlo de su inbox inmediatamente.
----- Original Message -----
From: <tarunthenut@gmail.com>
To: <pen-test@securityfocus.com>
Sent: Monday, October 24, 2005 7:33 AM
Subject: Scanning Class A network
> Hello All,
> Recently I was given a task to carry out a port scan of an entire valid
> Class A range (Dont ask me what the huge pool of valid IP's was for
:) ).
> The scan needed to be carried out externally, and not from within the
> network to identify hosts and ports exposed to the Internet.
> The problem compounded cause of the following limitations :
> 1. ICMP was not allowed in the network
> 2. The IP range was to be scanned every month for the entire port range
fro=
> m
> 1-65535 for TCP & UDP
> After searching for a suitable scanner which could scan such a large
range
> in reasonable time, I could think of only nmap, nessus, superscan and ISS.
> But because of the limitations stated above,all the tools took a huge
> amount of time (ran into month).
> I have struggled with options within the tools, tried configurable
> parameters (host time out, parallelism, RTT etc) and divided into smaller
> class C networks and scanned.but still the scan seems to take ages even if
> it is
> Any advise would be welcome :)
>
> Cheers
> tarunthenut
>
> --------------------------------------------------------------------------
---- > Audit your website security with Acunetix Web Vulnerability Scanner: > > Hackers are concentrating their efforts on attacking applications on your > website. Up to 75% of cyber attacks are launched on shopping carts, forms, > login pages, dynamic content etc. Firewalls, SSL and locked-down servers are > futile against web application hacking. Check your website for vulnerabilities > to SQL injection, Cross site scripting and other web attacks before hackers do! > Download Trial at: > > http://www.securityfocus.com/sponsor/pen-test_050831 > -------------------------------------------------------------------------- ----- > > ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
- Previous message: barcajax_at_gmail.com: "Re: Scanning Class A network"
- In reply to: tarunthenut_at_gmail.com: "Scanning Class A network"
- Next in thread: Jarmon, Don R: "RE: Scanning Class A network"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
