PaulDotCom mailing list archives
NMAP for SCADA
From: Bruce Barnett <grymoire () gmail com>
Date: Tue, 27 Nov 2012 11:56:41 -0500
I'm going to have a short-time access to a SCADA test lab, and I want to run a port map to characterize the services available. There are about 7 networks (virtual and real), with 6 physical Ethernet ports. I want to discover all services, on all networks. I don't need stealth, and I want to avoid scans that might crash older devices. I also don't want to get half-done and realize that I made the wrong choices, and have to do it again. I was thinking of using -sS, but I am concerned some devices might crash if there are too many half-open connections . So should I use -sT instead - I think. And -r would make the scan more "repeatable" if some device crashes. So any comments on using these options: nmap -r -v -sT -sU 10.1.1.0/24 10.2.0.0/24 -oX scan1.xml -oG scan1.txt repeat for next interface....., etc. _______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
Current thread:
- NMAP for SCADA Bruce Barnett (Nov 27)
- Re: NMAP for SCADA Kevin Shaw (Nov 27)
- Re: NMAP for SCADA Ron Gula (Nov 27)
- <Possible follow-ups>
- Re: NMAP for SCADA Michael Wilson (Nov 27)