Penetration Testing mailing list archives
RE: Scanning Class A network
From: Michael Gargiullo <mgargiullo () pvtpt com>
Date: Tue, 25 Oct 2005 15:27:09 -0400
Think about it for a minute and do the math involved 2 trillion ports to check without a reliable method of identifying live IP addresses. The network you're scanning will have changed significantly in the time it takes to complete the scan. The results will not be reliable at all. Assuming you could build a cluster to check 100,000 ports per second, your still talking running 33 weeks straight. Now in reality, it takes longer then 1 second to check a port, especially if it's live. Whoever tasked you to do this has no concept. You could probably pull it off, if you built a huge cluster, and consumed the majority of their bandwidth (don't forget your also limited to the amount of outbound traffic your internet connection can handle, ie... 384k, 768k, 1.5mb, 45mb, etc...) Now if you could get your contract to say you get paid .1 of a penny per port... a few months of that and you'd surpass Bill Gates' wealth. Sorry mate, unless you spread it out over 6 months or a year, it's not something easily done. -Mike -----Original Message----- From: Mike Jones [mailto:sopiaz57 () gmail com] Sent: Monday, October 24, 2005 2:39 PM To: Michael Gargiullo Cc: pen-test () securityfocus com Subject: Re: Scanning Class A network You may need a bit more than a cluster of 2 386's to scan this many ports: (tcp and udp) 2,198,989,438,980 Have you looked into the Insane option for nmap using a cluster. (See http://openmosix.sourceforge.net/) Sounds like an educational institution, why dont you take over a few large computer labs and post results. tarunthenut () gmail com wrote:
Hello All, Recently I was given a task to carry out a port scan of an entire
valid
Class A range (Dont ask me what the huge pool of valid IP's was for :)
).
The scan needed to be carried out externally, and not from within the network to identify hosts and ports exposed to the Internet. The problem compounded cause of the following limitations : 1. ICMP was not allowed in the network 2. The IP range was to be scanned every month for the entire port range
fro=
m 1-65535 for TCP & UDP After searching for a suitable scanner which could scan such a large
range
in reasonable time, I could think of only nmap, nessus, superscan and
ISS.
But because of the limitations stated above,all the tools took a huge amount of time (ran into month). I have struggled with options within the tools, tried configurable parameters (host time out, parallelism, RTT etc) and divided into
smaller
class C networks and scanned.but still the scan seems to take ages even
if
it is Any advise would be welcome :) Cheers tarunthenut -----------------------------------------------------------------------
-------
Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on
your
website. Up to 75% of cyber attacks are launched on shopping carts,
forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down
servers are
futile against web application hacking. Check your website for
vulnerabilities
to SQL injection, Cross site scripting and other web attacks before
hackers do!
Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -----------------------------------------------------------------------
--------
------------------------------------------------------------------------ ------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 ------------------------------------------------------------------------ ------- ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- Re: Scanning Class A network, (continued)
- Re: Scanning Class A network Volker Tanger (Oct 24)
- RE: Scanning Class A network Talisker (Oct 25)
- Re: Scanning Class A network Adam Jones (Oct 26)
- RE: Scanning Class A network Brian Loe (Oct 26)
- Re: Scanning Class A network barcajax (Oct 24)
- RE: Scanning Class A network Jarmon, Don R (Oct 24)
- RE: Scanning Class A network Mike Thompson (Oct 24)
- RE: Scanning Class A network Josh Perrymon (Oct 24)
- RE: Scanning Class A network Derick Anderson (Oct 24)
- Re: Scanning Class A network Cesar Osorio (Oct 24)
- RE: Scanning Class A network Michael Gargiullo (Oct 25)
- Re: Scanning Class A network tarun_the_nut (Oct 31)