Home page logo
/

pen-test logo Penetration Testing mailing list archives

RE: Assessing a machine with 2 NICs
From: "Derick Anderson" <danderson () vikus com>
Date: Mon, 12 Sep 2005 07:38:31 -0400


-----Original Message-----
From: barcajax () gmail com [mailto:barcajax () gmail com] 
Sent: Thursday, September 08, 2005 8:09 PM
To: pen-test () securityfocus com
Subject: Assessing a machine with 2 NICs

Lets say we have a machine running critical business 
applications connected to the enterprise network on 2 NICs. 
From an assessment/audit point of view, is it necessary to 
scan both NICs using assessment tools like NMap and Nessus? 
Will both scan results produce the same findings (as in same 
ports and services open)?
Does the OS or applications influence the detection of 
ports/services on different NICs on the same physical machine?


The machine doesn't have to run the same services on both NICs. In my
shop we have several machines with two or more virtual interfaces (one
NIC, but responds to several IPs) for the purpose of hosting SSL sites.
So you might see ports 80 and 443 open on the first IP but only 443 on
the second. Having said that, most machines with two physical NICs have
them for redundancy and/or speed and by default most services bind to
all available IPs.

What you will see with a scan depends entirely on the service
configurations on the machine. I wouldn't think the OS would do things
differently on separate NICs but you never know.

Derick Anderson

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault