Re: Assessing a machine with 2 NICs

["Thor (Hammer of God)" <thor () hammerofgod com>]

Not just both cards, but all IP's the system has bound (a single NIC can 
have multiple IP's).  Some services may just be bound to a single IP on the 
system - just scanning one NIC/IP could leave you open if a particular 
service is bound only to the other NIC/IP (like terminal services, FTP, 
HTTP, etc.)

t


----- Original Message ----- 
From: <barcajax () gmail com>
To: <pen-test () securityfocus com>
Sent: Thursday, September 08, 2005 5:09 PM
Subject: Assessing a machine with 2 NICs


> Lets say we have a machine running critical business applications 
> connected to the enterprise network on 2 NICs. From an assessment/audit 
> point of view, is it necessary to scan both NICs using assessment tools 
> like NMap and Nessus? Will both scan results produce the same findings (as 
> in same ports and services open)?
> Does the OS or applications influence the detection of ports/services on 
> different NICs on the same physical machine?


------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------