Penetration Testing mailing list archives

Re: Nmap issues...? or router?

From: Stephen Perciballi <routerg () mail net>
Date: Sun, 7 Oct 2001 15:45:36 -0400

I've never seen nmap behave this way.   Only the opposite with UDP scans going slow.

If they are on a burstable T3, it could have been more established TCP connections using the presumable OC3, OC12 
uplink.  Try tracerouteing to them and see where the latency is.  Another huge one we see alot of times is bad network 
segmentation.   If possible ask the client to clear counters first, then do the scan, then have them send you the sh 
int.  They could be getting a lot of collisions, whatever.  You may also want them to check a show proc cpu.  
Unfortunately more information is required, however it would be far fetched to blame nmap.


bluefur0r bluefur0r wrote:

After just completeing an audit for a company that has a DS-3 connection (shared) and a cisco router (2015), One of 
the first issues that was found was this: When nmaping using -sS and all ports, 1 nmap scan nmaping 1 host at a time 
appeared to completely destroy their bandwidth... Has anyone heard of this? Could this be a Router or ISP problem??? 
It took very long to complete because i needed to use the -T Polite option. I'm just curious if anyone else has ever 
encountered nmap using up all network resources for such a high volume connection. Any help would be appreciated so 
this never happens again. *Luckily I started after hours*
blue

=================================================================
Kies een origineel e-mailadres op www.emails.nl

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/



----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

Current thread:

Nmap issues...? or router? bluefur0r bluefur0r (Oct 07)
- Re: Nmap issues...? or router? Stephen Perciballi (Oct 09)
- Re: Nmap issues...? or router? Blake Frantz (Oct 09)
- Re: Nmap issues...? or router? Ilici Ramirez (Oct 09)
- Re: Nmap issues...? or router? Alex Butcher (Oct 09)
- Re: Nmap issues...? or router? Josha Bronson (Oct 09)
- <Possible follow-ups>
- RE: Nmap issues...? or router? Ben Tetu-Pappas (Oct 09)
  - Re: Nmap issues...? or router? William McVey (Oct 12)
- RE: Nmap issues...? or router? Joe Dauncey (Oct 10)