Penetration Testing mailing list archives

Re: Mapping Class A network ( any easy trick?)


From: John Thomas <mjohn2000_99 () yahoo com>
Date: 12 Feb 2005 04:23:44 -0000

In-Reply-To: <6b0d9eef050210044538f5dda4 () mail gmail com>

Thanks everybody for your advice; it was very helpful.
I forgot to give you details about my scan. It is a private network consisting of about 10,000 hosts. I am planning this step
as the first step of the penetration testing (well, I may have to cut down to a vulnerability scan like you guys
suggested).

I am thinking about going for an nmap ping sweep. That would give me all (well, most of them) IPs. I am also looking into
some of the tools and tricks (DNS, SNMP, etc.) suggested by you. Nmap was doing a pretty good job for me, so I can’t just
give away my friend. ;)

Well, thanks again guys 


Hi,

I once used a program called networkview to scan a Class A network. In
4 hours it was at 36% of the scan. I was scanning for "normal" ports
and a few others of my concern. Very impressive, very fast. I was
using a 3Mbps download 256Kbps upload connection at the time.

Some info from publisher:

NetworkView 3.1 Rating:   5/5

--------------------------------------------------------------------------------

License: Shareware

Price: $79.00

Expires after 30 Days

Information:
This is a compact network discovery and management tool for the Win32
platform. It will discover all TCP/IP nodes and draw a full graphical
map, including routes, from DNS, MAC Addresses, SNMP, WMI and TCP port
information. It can also poll the network and send an e-mail when
nodes are unreachable.
With more than 11,000 entries in its SNMP and MAC address databases,
it can be used from a floppy disk. Full print and print preview
capabilities for maps and lists are included.

Note: SNMP must be installed, and administrator rights are necessary
for discovery and monitoring.

Additional Software Required: 
SNMP

Cheap and fast. That's how I like it.

Note: I do not work for the publisher nor will I get money for this
(Damn, I should get money for this!).

Hope it helps.




On Tue, 08 Feb 2005 09:34:10 -0800 (PST), John Thomas
<mjohn2000_99 () yahoo com> wrote:


I am about to do penetration testing on a "Class A
network" and am wondering how I can map the network
without pinging 17 million IPs (nmap -sP 10.0.0.0/8).

I did some research and the best information I got is
from one of the earlier posts on this
list (http://seclists.org/lists/pen-test/2004/Jul/0067.html).
It was to use broadcast IPs for pings. But it may miss some subnets.

Is that the best way to do it? If not, please advise.



-- 
Ismael Gonzalez
CEO / Consultant
Allied Technologies, Inc.


