nanog mailing list archives
Re: Network scan tool/appliance horror stories
From: Bacon Zombie <baconzombie () gmail com>
Date: Mon, 29 Oct 2012 19:40:50 +0000
It all depends on what tools they are using and how you have your system set up.

Both NMAP and Nessus can check system\service to see if common accounts have default or no password at all. This can cause these accounts to be locked out.

There are other "exploits" that can cause systems\services to be DOS'd but these normally have to be enabled.

Best to get a statement of works from them which should list all the tools including options they will be using. They also should be able to hand over a raw dump of ALL commands run during the testing.

On 29 October 2012 19:25, Justin M. Streiner <streiner () cluebyfour org> wrote:

> On Mon, 29 Oct 2012, Pedersen, Sean wrote:
>
>> We're evaluating several tools at the moment, and one vendor wants to dynamically scan our network to pick up hosts - SNMP, port-scans, WMI, the works. I was curious if anyone had any particularly gruesome horror stories of scanning tools run amok.
>
> If you have any overloaded/under-powered network gear, such as stateful firewalls and routers that do lots of NAT, you might find them very quickly, depending on how aggressive the scanning tool is. There might also be devices out there that, while possibly lightly loaded, can reach some minimally documented resource threshold under a very aggressive scan, and subsequently tip over.
>
> Also, if you're doing IPv6, the performance metrics for many network devices can be a bit more of a moving target.
>
> jms
--
BaconZombie
LOAD "*",8,1