Penetration Testing mailing list archives

Re: DSL: Discovery Scanning Issues


From: Lynx <lynx () enemy org>
Date: Sat, 7 Jan 2006 20:13:52 +0100

On Jan 07, 2006 at 0747 -0800, kataka () hush com appeared and said:
The problem is, if I try and scan for more than 1024 ports on a 
single host, my cheap-o Zoom DSL router/modem/switch/thingy starts 
to flake out, in the sense I can't ping my DSL router any more and 
I lose connectivity to the Internet until I reset the router. 

I believe this is because Nmap is filling up my router's NAT pool 
or something. I've looked at the config of the router and it's only 
got a 1024 connection NAPT port limit that cannot be adjusted and 
timeouts measured in seconds as opposed to ms.

What should I do? Are other people with low-end DSL routers able to 
overcome this problem?

You will have the same problems with a firewall's state table and other
networked equipment. You can reduce the stress for intermediate devices
by using nmap's -M switch in order to decrease the amount of parallel
sockets. -sS is also a lot nicer to TCP/IP stacks in between.
Furthermore the -T switch can be used to make nmap less aggressive. The
time for your scans will increase if you do this though.

Best,
Lynx.
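
The effect discussed in this thread, as an added example that is not part of the original messages: a small Python model of a 1024-entry NAPT table, showing why a slower probe rate keeps the table from filling and what that costs in scan time. The 60-second idle timeout, the one-mapping-per-probe behaviour and the 50% headroom are assumptions; the thread only gives the 1024-entry limit and timeouts "measured in seconds".

```python
from collections import deque

CAPACITY = 1024        # NAPT entry limit quoted in the thread
TIMEOUT_MS = 60_000    # assumed idle timeout (constructed value)


def simulate_napt(ports, interval_ms, timeout_ms=TIMEOUT_MS, capacity=CAPACITY):
    """Send one probe per port every interval_ms; return (peak_entries, dropped).

    Assumption: every probe creates its own mapping, which the router keeps
    until the idle timeout expires. A probe arriving at a full table is lost.
    """
    expiries = deque()          # expiry times of live mappings, oldest first
    peak = dropped = 0
    for i in range(ports):
        now = i * interval_ms   # integer milliseconds, no float drift
        while expiries and expiries[0] <= now:
            expiries.popleft()  # mapping timed out, slot is free again
        if len(expiries) >= capacity:
            dropped += 1        # table full: router cannot track this flow
            continue
        expiries.append(now + timeout_ms)
        peak = max(peak, len(expiries))
    return peak, dropped


def min_interval_ms(timeout_ms=TIMEOUT_MS, capacity=CAPACITY, headroom=0.5):
    """Smallest probe spacing that keeps live entries within a budget.

    Live entries are roughly rate * timeout (Little's law), so the spacing
    must be at least timeout / budget. headroom leaves part of the table
    for the rest of the LAN's traffic (assumed share).
    """
    budget = int(capacity * headroom)
    return -(-timeout_ms // budget)   # ceiling division


if __name__ == "__main__":
    ports = 65535
    for label, gap in (("fast", 2), ("paced", min_interval_ms())):
        peak, dropped = simulate_napt(ports, gap)
        minutes = ports * gap / 60_000
        print(f"{label:5} gap={gap:3} ms peak={peak:4} "
              f"dropped={dropped:5} duration={minutes:6.1f} min")
```

With these assumed values the paced scan never drops a probe, but it takes about two hours instead of about two minutes, which is the trade-off the reply describes.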

