Penetration Testing mailing list archives
RE: Assessing a machine with 2 NICs
From: "Richard Zaluski" <rzaluski () ivolution ca>
Date: Mon, 12 Sep 2005 09:07:39 -0400
Each nick may have different services bound to it so the results will vary for each nic. If you are doing an Audit on a machine you should audit ALL connectivity an not assume anything. Richard Zaluski CISO, Security and Infrastructure Services iVOLUTION Technologies Incorporated 905.309.1911 866.601.4678 www.ivolution.ca rzaluski () ivolution ca Key fingerprint = DB39 7FC3 1F5D AD94 85DD 78B0 774D 5DE5 B011 BD8C ======================================================================= CONFIDENTIALITY NOTICE: This email message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. If you are not the intended recipient, please contact the sender. Any unauthorized review, use, disclosure, or distribution is prohibited. ======================================================================= -----Original Message----- From: barcajax () gmail com [mailto:barcajax () gmail com] Sent: Thursday, September 08, 2005 8:09 PM To: pen-test () securityfocus com Subject: Assessing a machine with 2 NICs Lets say we have a machine running critical business applications connected to the enterprise network on 2 NICs. From an assessment/audit point of view, is it necessary to scan both NICs using assessment tools like NMap and Nessus? Will both scan results produce the same findings (as in same ports and services open)? Does the OS or applications influence the detection of ports/services on different NICs on the same physical machine? ---------------------------------------------------------------------------- -- Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 ---------------------------------------------------------------------------- --- ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- Assessing a machine with 2 NICs barcajax (Sep 11)
- Re: Assessing a machine with 2 NICs Fósforo (Sep 12)
- Re: Assessing a machine with 2 NICs Andres Riancho (Sep 12)
- Re: Assessing a machine with 2 NICs Tim (Sep 12)
- Re: Assessing a machine with 2 NICs Thor (Hammer of God) (Sep 12)
- Re: Assessing a machine with 2 NICs Michael Boman (Sep 12)
- Re: Assessing a machine with 2 NICs Justin . Ross (Sep 12)
- RE: Assessing a machine with 2 NICs Richard Zaluski (Sep 12)
- Re: Assessing a machine with 2 NICs Mark Owen (Sep 12)
- Re: Assessing a machine with 2 NICs Fauchon Olivier (Sep 14)
- <Possible follow-ups>
- RE: Assessing a machine with 2 NICs Derick Anderson (Sep 12)
- Re: RE: Assessing a machine with 2 NICs aldo (Sep 14)