Nmap Development mailing list archives
Re: help for port scanning on firewalls and routers
From: Matt <matt () use net>
Date: Tue, 16 Apr 2002 11:30:55 -0700 (PDT)
On Tue, 16 Apr 2002, Gerald Combs wrote:
On Tue, 16 Apr 2002, Joseph Taylor wrote:I am planning to perform port scanning for routers and firewalls security on my network. My questions are about what benefits I will obtain by running a port scanning tool (NMAP, ISS, etc..). Will there be any difference in the results whether I use this tool inside my network (from an internal IP) or outside my network.What's the aim of running this tool from internal network?Two main benefits are inventory and security analysis. After running an Nmap scan, people often find services (and entire machines) on their network that they weren't aware of. Internal scans can help you secure your network from internal breakins (by employees) and from external breakins (in case someone makes it through your firewall).
I'm not an IT/operations person, but I've used nmap for basic validation of state table handling code in firewall/NAT/IDS/VPN applications and devices. Doing some SYN/NULL/ACK/FIN scans through a firewall/NAT/VPN device, both fragmented and non-fragmented can sometimes cause things like a linksys NAT device to choke and die. Another good tool for this kind of testing is isic, which I believe is hsoted on packetfactory.net currently. Sorry if this doesn't help you, I haven't really played much in this space for a couple years. If you want to look at my old slides for hte testing talk I did a few years ago, they're @ http://www.clock.org/~matt/thinks.html . I'm currently working for a company that makes a "security QA" tool (Cenzic, fka ClickToSecure), but it's a bit expensive and nmap + isic will validate what most people care about. Hope this helps! -- http://www.clock.org/~matt --------------------------------------------------------------------- For help using this (nmap-dev) mailing list, send a blank email to nmap-dev-help () insecure org . List run by ezmlm-idx (www.ezmlm.org).
Current thread:
- Nmap bug on BSDi 4.1 mike (Apr 10)
- help for port scanning on firewalls and routers Joseph Taylor (Apr 16)
- Re: help for port scanning on firewalls and routers Gerald Combs (Apr 16)
- Re: help for port scanning on firewalls and routers Matt (Apr 16)
- Re: help for port scanning on firewalls and routers Gerald Combs (Apr 16)
- help for port scanning on firewalls and routers Joseph Taylor (Apr 16)