Re: Assessing a machine with 2 NICs

[Mark Owen <mr.markowen () gmail com>]

On 9 Sep 2005 00:09:12 -0000, barcajax () gmail com <barcajax () gmail com> wrote:
> Lets say we have a machine running critical business applications connected to the >enterprise network on 2 NICs. 
> From an assessment/audit point of view, is it necessary to >scan both NICs using assessment tools like NMap and 
> Nessus? Will both scan results >produce the same findings (as in same ports and services open)?

Different NICs could be running different services.  If I have IIS or
Apache running on a box, I could configure it to use only one NIC or
both NICs.  If that is the case then each NIC will return different
results.

> Does the OS or applications influence the detection of ports/services on different NICs on >the same physical machine?

Not likely by default, but you never know.  A default install of
Windows or GNU/Linux will not be influenced by a scan.  However, it is
possible to install applications that will detect a scan and react to
scans, therefore giving the scans inaccurate information.
Mark Owen

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------