Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: scanning...

From: Brian Loe <knobdy () gmail com>
Date: Wed, 2 Nov 2005 15:54:40 -0600
By posting an updated resume to monster.com?  :-)


It's already there. :)




When you're talking about a network with lots of ACL's and multiple
interfaces/aliases per host, automated tools are of diminished value.  Port
scanners like NMap* will suck for this kind of work because they won't
accurately identify individual CPU instances with multiple network
interfaces.  Your best bet is an SNMP scanner like SolarWinds' IP Network
Browser.  Pray that SNMP is on and not blocked.


It's not, but I don't have a tool to utilize it for this specific
purpose - taking it from Solar Windows to Visio would be as slow as
doing it manually.



Actually, I retract that.  In this situation the best thing to do is go to
the documentation.    After all of the money they paid to that contractor
there had better be at least a design and some "as installed" docs from the
hand-off.  If there is none, then go to the router and firewall configs.
Hopefully those bear enough resemblance to reality that you can figure out
what traffic goes where and begin to work your way back from there.


HA!! They have lots of maps. Not one has an IP address or subnet
anywhere to be found - often, not even a name, just a description
(model)!

Looks like I'm config diving.
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: