Re: Assessing a machine with 2 NICs

[Tim <tim-pentest () sentinelchicken org>]

> Lets say we have a machine running critical business applications
> connected to the enterprise network on 2 NICs. From an assessment/audit
> point of view, is it necessary to scan both NICs using assessment tools
> like NMap and Nessus? Will both scan results produce the same findings
> (as in same ports and services open)?

If you want to be sure, you really do need to scan both.  Many services,
at least in the Unix world, allow one to easily specify which IP or
interface the service should listen on.  Many lazy administrators don't
bother to do this, and some services don't support it, but that's no
guarantee.

If these two NICs are actually on the same network segment, then perhaps
you don't need to worry about scanning both, but in any other situation,
or if you are paranoid about missing a service, definately do.

tim

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------