Penetration Testing mailing list archives
Re: Nmap issues...? or router?
From: Josha Bronson <dmuz () slartibartfast angrypacket com>
Date: Sun, 7 Oct 2001 20:48:22 -0700
On Sun, Oct 07, 2001 at 02:39:31AM -0000, bluefur0r bluefur0r said:
After just completeing an audit for a company that has a DS-3 connection (shared) and a cisco router (2015), One of the first issues that was found was this: When nmaping using -sS and all ports, 1 nmap scan nmaping 1 host at a time appeared to completely destroy their bandwidth... Has anyone heard of this? Could this be a Router or ISP problem??? It took very long to complete because i needed to use the -T Polite option. I'm just curious if anyone else has ever encountered nmap using up all network resources for such a high volume connection. Any help would be appreciated so this never happens again. *Luckily I started after hours* blue
Yes, I've seen this before. During and internal audit, one laptop scaning with nmap brought a LAN router to 100% CPU utilization. I think that the router had to be rebooted, but I can't remember. The router was a Cisco, of the 7000 series I believe. Sorry for the lack of facts, it was a while ago... I've meant to look into it again and try to pin down exactly what is going on here, but there never really seems to be a good time to nail a router that is in use, according to management. I've also spoken about this with a few other folks who have seen the same thing. Anyway, someone with spare time and a test network with a Cisco router should probably try and figure out what causes this. :) -- josha.bronson(aka->dmuz) >> dmuz () angrypacket com networks/systems/security && CCNA, RHCE josha.net || dmuz.angrypacket.com ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- Nmap issues...? or router? bluefur0r bluefur0r (Oct 07)
- Re: Nmap issues...? or router? Stephen Perciballi (Oct 09)
- Re: Nmap issues...? or router? Blake Frantz (Oct 09)
- Re: Nmap issues...? or router? Ilici Ramirez (Oct 09)
- Re: Nmap issues...? or router? Alex Butcher (Oct 09)
- Re: Nmap issues...? or router? Josha Bronson (Oct 09)
- <Possible follow-ups>
- RE: Nmap issues...? or router? Ben Tetu-Pappas (Oct 09)
- Re: Nmap issues...? or router? William McVey (Oct 12)
- RE: Nmap issues...? or router? Joe Dauncey (Oct 10)