Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: nmap in vmware
From: brad Causey <bradcausey () gmail com>
Date: Tue, 18 Jul 2006 21:09:25 -0500

One of the main things to remember is that you will see a significant
difference in network latency when using VMs vs. using hardware based
hosts. The negative impact will depend heavily on the hardware that the
host runs on and the rate(insane vs. paranoid) of scan. I have created
training courses on hacking exclusively in VM environments and I can
tell you that there is a noticeable difference in running a full host
scan in VM vs. host-based.(Especially with Nessus) The scans will work
fine, but they will most likely take a good percentage longer(upwards of
25-50%). I would suggest creating a baseline using the same target. Scan
the target using a VM based install of nmap and then scan the same
target with a hardware based host. Be sure to keep the variables to
minimum so you can get an accurate test. Use the "-v" option and what
ever other options you might normally use. That should give you a good
idea of what kind of delays might be experienced. Other than time, nmap
works great in a VM!

-Brad

offset wrote:
Looking for any negative experiences with running nmap under Fedora Core 5 under vmware

VMware host is Windows XP SP2 running VMware workstation (latest version) with Fedora Core 5

Thanks in advance,

-off

------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security? 
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's 
Choice Award from eWeek. As attacks through web applications continue to rise, 
you need to proactively protect your applications from hackers. Cenzic has the 
most comprehensive solutions to meet your application security penetration 
testing and vulnerability management needs. You have an option to go with a 
managed service (Cenzic ClickToSecure) or an enterprise software 
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can 
help you: http://www.cenzic.com/news_events/wpappsec.php 
And, now for a limited time we can do a FREE audit for you to confirm your 
results from other product. Contact us at request () cenzic com for details.
------------------------------------------------------------------------------


  

Attachment: signature.asc
Description: OpenPGP digital signature


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]