RE: Scanning Class A network

• Previous message: David M. Zendzian: "Re: updated legacy mainframe app"
• In reply to: tarunthenut_at_gmail.com: "Scanning Class A network"
• Next in thread: Michael Gargiullo: "RE: Scanning Class A network"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: <tarunthenut@gmail.com>, <pen-test@securityfocus.com>
Date: Tue, 25 Oct 2005 19:40:35 +0100

Tarun
I have been following this thread trapping any missing network enumerators
these can be found here http://securitywizardry.com/enum.htm

However, the size of network would suggest a distributed scanner especially
given the constraint of a monthly renewal. I have these listed here,
http://securitywizardry.com/enum.htm though the majority are better suited
for vulnerability assessment rather than just enumeration and the list needs
an update.

I would suggest a hybrid approach where active enumeration is complemented
with passive fingerprinting at the network boundaries. The problem with
active scanning is that it is only true for the moment an IP address is
scanned. However, passive fingerprinting will also detect any emerging
hosts or hosts that aren't up for long. Furthermore, there is no bandwidth
hit from their use. I have them all listed here
http://securitywizardry.com/osfp.htm

The website is vendor neutral and lists all products good and bad. It has
been neglected just lately but with the help of some extremely capable folks
is almost back to it's old self. As always, please let us know if we are
missing any products.

Cheers

Andy Cuff
Chief Technology Officer
Computer Network Defence Ltd
http://www.securitywizardry.com

07010 709014
 
> -----Original Message-----
> From: tarunthenut@gmail.com [mailto:tarunthenut@gmail.com]
> Sent: 24 October 2005 13:33
> To: pen-test@securityfocus.com
> Subject: Scanning Class A network
>
> Hello All,
> Recently I was given a task to carry out a port scan of an entire valid
> Class A range (Dont ask me what the huge pool of valid IP's was for :)
> ).
> The scan needed to be carried out externally, and not from within the
> network to identify hosts and ports exposed to the Internet.
> The problem compounded cause of the following limitations :
> 1. ICMP was not allowed in the network
> 2. The IP range was to be scanned every month for the entire port range
> fro=
> m
> 1-65535 for TCP & UDP
> After searching for a suitable scanner which could scan such a large
> range
> in reasonable time, I could think of only nmap, nessus, superscan and ISS.
> But because of the limitations stated above,all the tools took a huge
> amount of time (ran into month).
> I have struggled with options within the tools, tried configurable
> parameters (host time out, parallelism, RTT etc) and divided into smaller
> class C networks and scanned.but still the scan seems to take ages even if
> it is
> Any advise would be welcome :)
>
> Cheers
> tarunthenut
>
> --------------------------------------------------------------------------
> ----
> Audit your website security with Acunetix Web Vulnerability Scanner:
>
> Hackers are concentrating their efforts on attacking applications on your
> website. Up to 75% of cyber attacks are launched on shopping carts, forms,
> login pages, dynamic content etc. Firewalls, SSL and locked-down servers
> are
> futile against web application hacking. Check your website for
> vulnerabilities
> to SQL injection, Cross site scripting and other web attacks before
> hackers do!
> Download Trial at:
>
> http://www.securityfocus.com/sponsor/pen-test_050831
> --------------------------------------------------------------------------
> -----

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

• Previous message: David M. Zendzian: "Re: updated legacy mainframe app"
• In reply to: tarunthenut_at_gmail.com: "Scanning Class A network"
• Next in thread: Michael Gargiullo: "RE: Scanning Class A network"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages RE: Pre-Scanning for Marketing ... The controlling interest of the network has to have a inclination to secure ... vulnerabilities are easily and efficiently identified. ... Audit your website security with Acunetix Web Vulnerability Scanner: ... Up to 75% of cyber attacks are launched on shopping carts, ... (Pen-Test) RE: Finding multi-homed, internet connected, systems as potential point-of-entry. ... It uses ICMP and may or may not work depending on how the local network is set up. ... > -Send a spoofed (spoof an internet address under our control) message ... > Audit your website security with Acunetix Web Vulnerability Scanner: ... Up to 75% of cyber attacks are launched on shopping carts, ... (Pen-Test) Re: Qualys ... Well, if we are going to get picky about terminology, surely a Class A environment means a network with a Class A subnet configured, not necessarily one with any particular number of hosts. ... Audit your website security with Acunetix Web Vulnerability Scanner: ... Cross site scripting and other web attacks before hackers do! ... (Pen-Test) Re: Scanning Class A network ... The scan needed to be carried out externally, and not from within the network to identify hosts and ports exposed to the Internet. ... Hackers are concentrating their efforts on attacking applications on your website. ... Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. ... Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! ... (Pen-Test) Re: Scanning Class A network ... About point 2, i recommend you Nmap... ... >network to identify hosts and ports exposed to the Internet. ... >Audit your website security with Acunetix Web Vulnerability Scanner: ... Cross site scripting and other web attacks before hackers do! ... (Pen-Test)