Penetration Testing: RE: Port scan causing system crashes

["Brass, Phil (ISS Atlanta)" <PBrass () iss net>]

> -----Original Message-----
> From: Renaud Deraison [mailto:deraison () nessus org] 
> Sent: Thursday, June 12, 2003 3:01 PM
> To: pen-test () securityfocus com
> Subject: Re: Port scan causing system crashes
>
>
> On Thu, Jun 12, 2003 at 11:55:26AM -0400, Clem Skorupka wrote:
>
> > I had a case where an rpc scan using nessus (I forget the 
> particular 
> > module or if it was the nmap precursor scan, this was a couple of 
> > years ago) against some large range of ports knocked out an 
> > allegro-based embedded web server on a network switch.  It didn't 
> > crash this particular switch (though one had to reboot the 
> switch in 
> > order to bring back the web interface).
>
> The bottom line is that as soon as you start to interfere 
> with another host, you can never predict how it will react to 
> actions that it has never been designed to handle, so no scan 
> is totally risk-free[1], and it's often very hard to find the 
> balance between a 99.9% accurate security audit and a 
> non-intrusive one. Note that this does not only affects 
> Nessus+Nmap, but any network vulnerability scanner.
This brings to mind the Iron Triangle of network security assessment:
Fast, Comprehensive, Low Impact.  More of any one means less of the
other two...

Phil

---------------------------------------------------------------------------
----------------------------------------------------------------------------