RE: Network discovery

From: Guillaume Lavoix (glavoix_at_altadis.com)
Date: 02/04/04

  • Next message: R  : "Re: firewalls that can ssl ftp?"
    To: security-basics@securityfocus.com
    Date: Wed, 4 Feb 2004 11:14:10 +0100
    
    

    Hi,

    You can also use HP Openview and select the automatic
    Discovery, normally, it is not something that is recommended
    To do, but I can assure you that it works, and that you will get
    A map with most of your "objects", the only thing is that if you have
    To many (network devices), your openview map will soon
    Become a mess.

    Also HP Openview is not free, so it might be too expensive, for
    You budget, nevertheless you can use it for a 1 month trial period.

    See you,
    Guillaume

    -----Mensaje original-----
    De: Byron Sonne [mailto:blsonne@rogers.com]
    Enviado el: martes, 03 de febrero de 2004 0:59
    Para: security-basics@securityfocus.com
    Asunto: Re: Network discovery

    > I would like to ask all of you, if you have every used a network
    > discovery tool? I have a network with more than 5000 PC's and more
    > than 70 sites in the country. I would like to create an analysis about
    > the network nodes, line between them, speed of the lines etc. Would it
    > be possible with a tool to discover the whole internal network, with
    > routers, gateways and all the important datas?

    No.

    You could run a number of utilities/programs which will enumerate alot/most
    of the devices on your network and provide quite a bit of information.

    It will help you compose a map, but nothing that you can plop on a computer
    and run or plug into your network will give you a truly good map unless your
    network is configured perfectly, uses common hardware, has a fairly vanilla
    config, etc. Even then, I seriously doubt you'll get a complete picture. I
    think bad information is worse than no information at all as it can lead you
    to make false assumptions. Also, consider the case that if *you* can get all
    the information, perhaps a
    *cracker* (which is what most people mean when they abuse and misuse the
    term 'hacker') could too.

    But I digress... there are a number of gotchas you must be aware of. Some of
    these gotchas are:

    (1) devices that only listen; they don't transmit on the network. Not just
    sniffers.
    (2) Filtering or Translating proxies of whatever description.
    (3) NAT (Network Address Translation)
    (4) Firewalls
    (5) Custom hardware/software/protocols
    (6) Encryption
    (7) Temporary power or network outages
    (8) Design deficiencies in standard network protocols

    Some things that can help out alot are:
    (a) Good documentation
    (b) Well labelled cabling and devices
    (c) A sane overall architecture
    (d) Good, knowledgeable people
    (e) Good tools. Good starter link: http://www.insecure.org/tools.html
    (f) Things like Cisco CDP, etc.

    You and your skills are the most important thing of all, so read and learn
    as much as possible.

    Regards,
    Byron Sonne

    --
    For Good, return Good. For Evil, return Justice.
    ---------------------------------------------------------------------------
    Ethical Hacking at InfoSec Institute. Mention this ad and get $720 off any
    course! All of our class sizes are guaranteed to be 10 students or less. We
    provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention, and
    many other technical hands on courses. Visit us at
    http://www.infosecinstitute.com/securityfocus to get $720 off any course!
    ----------------------------------------------------------------------------
    ---------------------------------------------------------------------------
    Ethical Hacking at InfoSec Institute. Mention this ad and get $720 off any 
    course! All of our class sizes are guaranteed to be 10 students or less. 
    We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention, 
    and many other technical hands on courses. 
    Visit us at http://www.infosecinstitute.com/securityfocus to get $720 off 
    any course!  
    ----------------------------------------------------------------------------
    

  • Next message: R  : "Re: firewalls that can ssl ftp?"

    Relevant Pages

    • Velocity, American Heroes, Ivestigation Discovery announce new shows, renewals
      ... VELOCITY AND DISCOVERY CHANNEL NAMED EXCLUSIVE TELEVISION HOMES OF ... BARRETT-JACKSON, THE WORLD'S GREATEST COLLECTOR CAR AUCTIONSTM ... had even one small thing in our lives happened differently. ... The Only Mystery-and-Suspense Network on Television Producing More ...
      (rec.arts.tv)
    • Re: Discovery Channel distancing itself from "Lost Tomb"?
      ... Is Discovery Burying 'Lost Tomb'? ... more than a year on Sunday night, but the network has taken several ... Discovery's announcement of the panel emphasized that Mr. Koppel "has ...
      (rec.arts.tv)
    • NBCs "Who Do You Think You Are" may move to TLC
      ... TLC Network Said to Be in Talks to Pick Up Ancestry Show ... Discovery Communications Inc.?s TLC is in talks to pick up ... which has been talking to potential buyers, ...
      (rec.arts.tv)
    • Discovery planning channel for men to replace HD Theater
      ... Discovery Launching Velocity, New Network For Men ... Discovery Communications will launch Velocity, ...
      (rec.arts.tv)
    • RE: Network discovery
      ... Subject: Network discovery ... I would like to ask all of you, if you have every used a network ... We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion ... and many other technical hands on courses. ...
      (Security-Basics)