Home page logo
/

pen-test logo Penetration Testing mailing list archives

RE: Scanning Class A network
From: "Mike Thompson" <mthompson () brinkster com>
Date: Mon, 24 Oct 2005 13:56:30 -0400

I would suggest:

1. Using multiple hosts to execute the scan. 
2. Try to use appliances or strip the OS down to the bones. Hopefully
you are using Linux?
3. If you can, since this is an external scan, try to collocate with a
datacenter that is physically close and low latency to the targets. 
4. Ask superman for help.

Cheers,

Mike

-----Original Message-----
From: tarunthenut () gmail com [mailto:tarunthenut () gmail com] 
Sent: Monday, October 24, 2005 5:33 AM
To: pen-test () securityfocus com
Subject: Scanning Class A network

Hello All,
 Recently I was given a task to carry out a port scan of an entire valid
Class A range (Dont ask me what the huge pool of valid IP's was for  :)
).
The scan needed to be carried out externally, and not from within the
network to identify hosts and ports exposed to the Internet.
 The problem compounded cause of the following limitations :
1. ICMP was not allowed in the network
2. The IP range was to be scanned every month for the entire port range
fro=
m
1-65535 for TCP & UDP
 After searching for a suitable scanner which could scan such a large
range
in reasonable time, I could think of only nmap, nessus, superscan and
ISS.
 But because of the limitations stated above,all the tools took a huge
amount of time (ran into month).
 I have struggled with options within the tools, tried configurable
parameters (host time out, parallelism, RTT etc) and divided into
smaller
class C networks and scanned.but still the scan seems to take ages even
if
it is
 Any advise would be welcome  :) 
 
Cheers
 tarunthenut

------------------------------------------------------------------------
------
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on
your 
website. Up to 75% of cyber attacks are launched on shopping carts,
forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers
are 
futile against web application hacking. Check your website for
vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before
hackers do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
------------------------------------------------------------------------
-------




------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault