Penetration Testing mailing list archives
RE: Port Scanning.
From: "Piskovatskov, Alexey" <Alexey.Piskovatskov () bindview com>
Date: Mon, 13 Dec 2004 10:23:59 -0600
There's good document by NIST on this subject: http://csrc.nist.gov/publications/nistpubs/800-42/NIST-SP800-42.pdf Because nature of the scanners to report false positives/negatives, using multiple vendors and/or free tools is appropriate. Best, Alexey -----Original Message----- From: Faisal Khan [mailto:faisal () netxs com pk] Sent: Monday, December 13, 2004 8:47 AM To: pen-test () securityfocus com Subject: Port Scanning. What's a good industry practise whilst doing port-scanning during a pen-test. Do you rely on the results of a single vendor's software or do you use multiple softwares? Also, with each OEM/vendor - do you scan once or twice? I need to do a scan on a Class C Address if that matters in any way. Faisal Faisal Khan, CEO Net Access Communication Systems (Private) Limited ________________________________ Network Security - Secure Web Hosting Managed Internet Services - Secure Email Dedicated Servers - Reseller Hosting Visit www.netxs.com.pk for more information.
Current thread:
- Port Scanning. Faisal Khan (Dec 13)
- Re: Port Scanning. robert (Dec 13)
- Message not available
- Re: Port Scanning. robert (Dec 22)
- Message not available
- Re: Port Scanning. robert (Dec 22)
- Re: Port Scanning. robert (Dec 22)
- Message not available
- Re: Port Scanning. robert (Dec 13)
- <Possible follow-ups>
- Re: Port Scanning. miguel . dilaj (Dec 13)
- Message not available
- Re: Port Scanning. Faisal Khan (Dec 13)
- Message not available
- RE: Port Scanning. rzaluski (Dec 14)
- Re: Port Scanning. Martin Mačok (Dec 15)