Penetration Testing mailing list archives
RE: Port scan causing system crashes
From: "Brass, Phil (ISS Atlanta)" <PBrass () iss net>
Date: Thu, 12 Jun 2003 16:58:14 -0400
-----Original Message----- From: Renaud Deraison [mailto:deraison () nessus org] Sent: Thursday, June 12, 2003 3:01 PM To: pen-test () securityfocus com Subject: Re: Port scan causing system crashes On Thu, Jun 12, 2003 at 11:55:26AM -0400, Clem Skorupka wrote:I had a case where an rpc scan using nessus (I forget theparticularmodule or if it was the nmap precursor scan, this was a couple of years ago) against some large range of ports knocked out an allegro-based embedded web server on a network switch. It didn't crash this particular switch (though one had to reboot theswitch inorder to bring back the web interface).The bottom line is that as soon as you start to interfere with another host, you can never predict how it will react to actions that it has never been designed to handle, so no scan is totally risk-free[1], and it's often very hard to find the balance between a 99.9% accurate security audit and a non-intrusive one. Note that this does not only affects Nessus+Nmap, but any network vulnerability scanner.
This brings to mind the Iron Triangle of network security assessment: Fast, Comprehensive, Low Impact. More of any one means less of the other two... Phil --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- Re: Port scan causing system crashes, (continued)
- Re: Port scan causing system crashes Anthony Kim (Jun 12)
- Re: Port scan causing system crashes Adam Carter (Jun 13)
- RE: Port scan causing system crashes OBrien, Brennan (Jun 12)
- Re: Port scan causing system crashes MARTIN M. Bénoni (Jun 12)
- RE: Port scan causing system crashes Whiteside, Larry [contractor] (Jun 12)
- Re: Port scan causing system crashes Clem Skorupka (Jun 12)
- Re: Port scan causing system crashes Renaud Deraison (Jun 12)
- Re: Port scan causing system crashes Clem Skorupka (Jun 12)
- Re: Port scan causing system crashes Clem Skorupka (Jun 12)
- RE: Port scan causing system crashes Steve Goldsby (ICS) (Jun 12)
- Re: Port scan causing system crashes Death Star (Jun 12)
- RE: Port scan causing system crashes Brass, Phil (ISS Atlanta) (Jun 12)
- Re: Port scan causing system crashes Kevin Pietersma (Jun 13)
- FW: Port scan causing system crashes Brewis, Mark (Jun 13)
- RE: Port scan causing system crashes Martin Walker (Jun 16)
- RE: Port scan causing system crashes Death Star (Jun 16)