Re: Scanning Class A network

• Previous message: Satanic.Brain: "Re: Scanning Class A network"
• In reply to: tarunthenut_at_gmail.com: "Scanning Class A network"
• Next in thread: Steve Micallef: "Re: Scanning Class A network"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Mon, 24 Oct 2005 16:19:57 -0400 (EDT)
To: tarunthenut@gmail.com

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Mon, 24 Oct 2005 tarunthenut@gmail.com wrote:

> Hello All,
> Recently I was given a task to carry out a port scan of an entire valid
> Class A range (Dont ask me what the huge pool of valid IP's was for :) ).
> The scan needed to be carried out externally, and not from within the
> network to identify hosts and ports exposed to the Internet.
> The problem compounded cause of the following limitations :
> 1. ICMP was not allowed in the network
> 2. The IP range was to be scanned every month for the entire port range fro=
> m
> 1-65535 for TCP & UDP
> After searching for a suitable scanner which could scan such a large range
> in reasonable time, I could think of only nmap, nessus, superscan and ISS.
> But because of the limitations stated above,all the tools took a huge
> amount of time (ran into month).
> I have struggled with options within the tools, tried configurable
> parameters (host time out, parallelism, RTT etc) and divided into smaller
> class C networks and scanned.but still the scan seems to take ages even if
> it is
> Any advise would be welcome :)

Once you have identified the systems in question, you might want to break
the scan down into smaller series of scans from say a few boxen dedicated
to this task, such that you are feeding the scanner<s> smaller address
space so they can then slice and cice through in a quicker manner then a
sinlge large scan. Also, you might wish to evaluate hping2, you do not
mention it in the list of off the top of yer head tools that might work
for this task.

Thanks,

Ron DuFresne
- --
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         admin & senior security consultant: sysinfo.com
                         http://sysinfo.com
Key fingerprint = 9401 4B13 B918 164C 647A E838 B2DF AFCC 94B0 6629

...We waste time looking for the perfect lover
instead of creating the perfect love.

                 -Tom Robbins <Still Life With Woodpecker>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFDXUHwst+vzJSwZikRAl2pAJoC7fT6tKfIY0rmRE/QQma3t3UwjQCcDVji
1Oozt6bOK/qVA+71CBcbJ1w=
=t4HN
-----END PGP SIGNATURE-----

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

• Previous message: Satanic.Brain: "Re: Scanning Class A network"
• In reply to: tarunthenut_at_gmail.com: "Scanning Class A network"
• Next in thread: Steve Micallef: "Re: Scanning Class A network"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]