Re: Bootable Nmap virtual network CD

[Bennett Todd <bet () rahul net>]

2003-11-12T23:07:32 Eddie:
> Also, is there consensus yet on how many machines would be needed?

"needed"? You'll never see agreement.

If you'll substitute "desired", then I'll answer "loads", like "a
/16 full". honeyd ought to be able to do that pretty well, spoofing
various OS types. I'm expecting that the config for this would be
something we'd generate with a program, not try to hand edit.

>  While I think it may be most helpful to focus on a couple
> machines for most of the examples, I can imagine a chapter on
> "shotgun" scanning.

This is _so_ weird. Am I the only person on this list who never uses
nmap as a burglary tool, rarely uses it for security assessment, but
turns to it routinely for pefectly ordinary network discovery?

I'll build databases classifying hosts by os type, and
cross-reference them against the admin databases that are supposed
to completely describe the net, turning up missing and stale
entries.

I'll look for "rogue" (i.e. unsupported) servers for various
protocols, to help make sure that upgrade schedules have complete
coverage.

When you've got an balkanized enterprise that is built by pasting
together a couple of decades worth of mergers and acquisitions, and
whose IT organizations have undergone reorganizations every few
years, it's common to find that absolutely nobody knows exactly
what's on the net, and finding out is too big a job for manual
walkaround inventory. nmap is my friend.

-Bennett

Attachment: _bin
Description: