Security Basics mailing list archives
Re: Assessing a machine with 2 NICs
From: Jacob Bresciani <jacob () bresciani ca>
Date: Fri, 9 Sep 2005 09:23:52 -0700
Simple example. In apache's configuration I can bind it to a port (it will listen on port 80 on all IP's) or to an IP address:port (listen on only one IP).
I can also assign multiple IP's to each NIC and thing only bind apache to one of these address's or all or all but 1...
I can slow setup the OS firewall to behave and block/allow differently on each ip address or on each NIC.
So, for TCP/UDP ports you don't need to scan both NIC's so much as you need to scan all IP address's assigned to that machine.
Jacob Bresciani"Passwords are like bubble gum, strongest when fresh, should never be used by groups and create a sticky mess when left laying around"
-anon On Sep 8, 2005, at 5:34 PM, barcajax () gmail com wrote:
Lets say we have a machine running critical business applications connected to the enterprise network on 2 NICs. From an assessment/ audit point of view, is it necessary to scan both NICs using assessment tools like NMap and Nessus? Will both scan results produce the same findings (as in same ports and services open)? Does the OS or applications influence the detection of ports/ services on different NICs on the same physical machine?
Current thread:
- Assessing a machine with 2 NICs barcajax (Sep 09)
- Re: Assessing a machine with 2 NICs Jacob Bresciani (Sep 09)
- Re: Assessing a machine with 2 NICs Jeff MacDonald (Sep 09)