Penetration Testing mailing list archives
Re: Nmap scanning speed
From: "Phil Frederick" <flosofl () gmail com>
Date: Sun, 30 Apr 2006 20:46:10 -0500
You may want to scan in parallel. As many machines as you can get. Otherwise this will take a while. We have a class A (10.x.x.x) split
into several smaller subnets (300,000+ nodes total) that we scan every week. We handle it by using 40+ dedicated scanning machines that each handle their own section. I'll say it again, I highly recommend using multiple scanners. Don't use stealth mode. You'll never finish. Also, alert your firewall team to allow the scanning systems through to the other networks. Alert whomever handles the IDS config. Many, many alarms will be triggered by the scan. An huge time saver would be a list of valid IPs (so you don't have to hit the whole block of addresses). My experience with our stuff is that we use at most 35-40% of the available hosts in the ranges we have defined. You may want to do a simple discovery first to generate an "addresses to scan" DB. If you are only doing this once a month, run the discovery in 1st half of the month and the port scan in the second. Scripting is your friend. Perl or python (hell, WMI works) will help split and combine your results. 1-1024? Are you scanning for legitimate services only? because zombies, netcat, BO, etc... will all be higher in the range (i.e. BO will be 31337 without modification) You may want to use "-p 1-1024,<evil tool port>,<evil tool port>,<evil tool port>,<evil tool port>,etc.." when you invoke nmap if you don't want to scan the entire range. -Phil On 28 Apr 2006 20:10:29 -0000, chrismc () gmail com <chrismc () gmail com> wrote:
Hi, We have been asked to scan a class b network for port range 1 - 1024 every month. The network is across 4 hops of T1 links. icmp is filtered at the edge router and hence prevent us form using icmp to detect live systems. does anyone attempted a scan on such a large scane and can provide us with information regarding the time nmap could take to scan such an environmen and what should be the ideal settings? Appreciate any response to this. ------------------------------------------------------------------------------ This List Sponsored by: Cenzic Concerned about Web Application Security? Why not go with the #1 solution - Cenzic, the only one to win the Analyst's Choice Award from eWeek. As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/news_events/wpappsec.php And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request () cenzic com for details. ------------------------------------------------------------------------------
------------------------------------------------------------------------------ This List Sponsored by: Cenzic Concerned about Web Application Security? Why not go with the #1 solution - Cenzic, the only one to win the Analyst's Choice Award from eWeek. As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/news_events/wpappsec.php And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request () cenzic com for details. ------------------------------------------------------------------------------
Current thread:
- Nmap scanning speed chrismc (Apr 28)
- Re: Nmap scanning speed Phil Frederick (Apr 30)
- RE: Nmap scanning speed Strykar (Apr 30)
- Re: Nmap scanning speed Phil Frederick (Apr 30)