PaulDotCom mailing list archives
Good time to Scan
From: mick at pauldotcom.com (Michael Douglas)
Date: Tue, 30 Mar 2010 11:54:59 -0400
There's two good off-the-shelf tools for comparing nmap scans. If it's just a point-in-time difference (comparing one scan against another), you should look at ndiff http://nmap.org/ndiff/ if you're going to be scanning the same networks over and over, I can't recommend PBNJ enough. http://pbnj.sourceforge.net/ The canned reports that outputpbnj has are great! Best of luck! - Mick On Tue, Mar 30, 2010 at 9:26 AM, Bacon Zombie <baconzombie at gmail.com> wrote:
Hey, Are you guys doing scans via NMap, Nessus or some other tool? If NMap what other tool/scripts are you using to diff and datamind the data collected? I'm looking to rolling out a similar daily task on my work network. BaconZombie On 30 March 2010 13:21, Albert R. Campa <abcampa at gmail.com> wrote:Id agree with the cred scanning during the day. I started tentatively, but since doing it a few times, I have noticed no issues whatsoever on desktop scans. __________________________________ Albert R. Campa On Mon, Mar 29, 2010 at 7:56 PM, Paul Asadoorian <paul at pauldotcom.com> wrote:If you're scanning workstations I highly recommend credentialed scanning. ?There is little impact on the end-user workstations, and you get better results (less false positives, more information about the installed software, devices, etc..). We started doing this on some of our consulting engagements and are very happy with the results. ?It really gives you a good picture of the network, systems, and a snapshot of the security practices that exist (or not). Cheers, Paul On 3/29/10 8:26 PM, Michael Douglas wrote:we scan our workstations during a few windows. Early in the morning (between 6-8:30 local) if they're running. After the work day (between 6:30 - 9ish) if they're running. If all else fails, we scan around lunchtime (11:30 - 1) ?We only use this time as a fall back... this will impact users. HTH, - Mick On Mon, Mar 29, 2010 at 2:02 PM, Juan Cortes <juanccortester at gmail.com> wrote:Guys, Sort of new to this, but is there a sort of industry standard time when to scan. Basically this scan will be workstations and I would like to scan them during the day since some users turn them off and I would like to get away from bugging people to leave them on. ?Any suggestions? Thanks -- Juan C. Cortes Chicago, Il _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com_______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com-- Paul Asadoorian PaulDotCom Enterprises Web: http://pauldotcom.com Phone: 401.829.9552 _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com_______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com_______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
Current thread:
- Good time to Scan Juan Cortes (Mar 29)
- Good time to Scan d4ncingd4n at gmail.com (Mar 29)
- Good time to Scan Nic (Mar 29)
- Good time to Scan Karl Schuttler (Mar 29)
- Good time to Scan Michael Douglas (Mar 29)
- Good time to Scan Paul Asadoorian (Mar 29)
- Good time to Scan Albert R. Campa (Mar 30)
- Good time to Scan Bacon Zombie (Mar 30)
- Good time to Scan Michael Douglas (Mar 30)
- Good time to Scan Paul Asadoorian (Mar 29)
- Good time to Scan Jim Halfpenny (Mar 30)