Penetration Testing mailing list archives
RE: Discovery Scanning Issues
From: "David Ball" <lostinvietnam () hotmail com>
Date: Mon, 09 Jan 2006 10:22:11 +0800
I'd second Carlos' comment below on getting yourself set up with a proper Firewall. The Juniper Netscreen 5GT with ADSL support is a worthy product and it comes in a Wireless version if you need that kind of functionality. I've found the home type ADSL combined router/switch/AP to be a bit flaky when it comes to heavy duty scanning.
http://www.juniper.net/products/glance/nscn_5.html David. -----------------------------------------------------------------------
"Carlos A. Morillo" <carlos () morillo us> No Phone Info Available 01/08/2006 02:54 AM To <pen-test () securityfocus com> cc Subject Re: Discovery Scanning Issues Configure your DSL access device as a bridge and get a entry level hardware firewall, something like a PIX 501 or a NetScreen 5. Carlos Morillo Atlanta, GA ----- Original Message ----- From: <kataka () hush com> To: <pen-test () securityfocus com> Sent: Saturday, January 07, 2006 10:47 AM Subject: DSL: Discovery Scanning Issues > DSL was finally brought to where I live, and I have started > experimenting with discovery scans using Nmap. > > The problem is, if I try and scan for more than 1024 ports on a > single host, my cheep-o Zoom DSL router/modem/switch/thingy starts > to flake out, in the sense I can't ping my DSL router any more and > I loose connectivity to the Internet until I reset the router. > > I believe this is because Nmap is filling up my router's NAT pool > or something. I've looked at the config of the router and it's only > got a 1024 connection NAPT port limit that cannot be adjusted and > timeouts measured in seconds as opposed to ms. > > What should I do? Are other people with low-end DSL routers able to > overcome this problem? Should I look at getting a better router, if > so, what kind? Or, is it best to not scan through NAT and assign my > Internet Routable IP to my scanning box directly? If so, how would > this work under DSL, would I need to buy some kind of an Ethernet > to RJ-11 adapter card, configure routing, install PPP encapsulation > software on the box itself? > > > > > Concerned about your privacy? Instantly send FREE secure email, no account > required > http://www.hushmail.com/send?l=480 > > Get the best prices on SSL certificates from Hushmail > https://www.hushssl.com?l=485 > > > ------------------------------------------------------------------------------ > Audit your website security with Acunetix Web Vulnerability Scanner: > > Hackers are concentrating their efforts on attacking applications on your > website. Up to 75% of cyber attacks are launched on shopping carts, forms, > login pages, dynamic content etc. Firewalls, SSL and locked-down servers > are > futile against web application hacking. Check your website for > vulnerabilities > to SQL injection, Cross site scripting and other web attacks before > hackers do! > Download Trial at: > > http://www.securityfocus.com/sponsor/pen-test_050831 > ------------------------------------------------------------------------------- > > ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
_________________________________________________________________Get 10Mb extra storage for MSN Hotmail. Subscribe Now! http://join.msn.com/?pgmarket=en-hk
------------------------------------------------------------------------------Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- RE: Discovery Scanning Issues Michael Scheidell (Jan 07)
- <Possible follow-ups>
- RE: Discovery Scanning Issues David Ball (Jan 09)