RE: Discovery Scanning Issues

["David Ball" <lostinvietnam () hotmail com>]

I'd second Carlos' comment below on getting yourself set up with a proper 
Firewall. The Juniper Netscreen 5GT with ADSL support is a worthy product 
and it comes in a Wireless version if you need that kind of functionality. 
I've found the home type ADSL combined router/switch/AP to be a bit flaky 
when it comes to heavy duty scanning.

http://www.juniper.net/products/glance/nscn_5.html

David.

-----------------------------------------------------------------------
> "Carlos A. Morillo" <carlos () morillo us>
> No Phone Info Available
> 01/08/2006 02:54 AM
>
> To
> <pen-test () securityfocus com>
> cc
>
> Subject
> Re: Discovery Scanning Issues
>
> Configure your DSL access device as a bridge and get a entry level
> hardware firewall, something like a PIX 501 or a NetScreen 5.
>
>
> Carlos Morillo
> Atlanta, GA
>
>
>
>
>
>
> ----- Original Message -----
> From: <kataka () hush com>
> To: <pen-test () securityfocus com>
> Sent: Saturday, January 07, 2006 10:47 AM
> Subject: DSL: Discovery Scanning Issues
>
>
> > DSL was finally brought to where I live, and I have started
> > experimenting with discovery scans using Nmap.
> >
> > The problem is, if I try and scan for more than 1024 ports on a
> > single host, my cheep-o Zoom DSL router/modem/switch/thingy starts
> > to flake out, in the sense I can't ping my DSL router any more and
> > I loose connectivity to the Internet until I reset the router.
> >
> > I believe this is because Nmap is filling up my router's NAT pool
> > or something. I've looked at the config of the router and it's only
> > got a 1024 connection NAPT port limit that cannot be adjusted and
> > timeouts measured in seconds as opposed to ms.
> >
> > What should I do? Are other people with low-end DSL routers able to
> > overcome this problem? Should I look at getting a better router, if
> > so, what kind? Or, is it best to not scan through NAT and assign my
> > Internet Routable IP to my scanning box directly? If so, how would
> > this work under DSL, would I need to buy some kind of an Ethernet
> > to RJ-11 adapter card, configure routing, install PPP encapsulation
> > software on the box itself?
> >
> >
> >
> >
> > Concerned about your privacy? Instantly send FREE secure email, no
> account
> > required
> > http://www.hushmail.com/send?l=480
> >
> > Get the best prices on SSL certificates from Hushmail
> > https://www.hushssl.com?l=485
> >
> >
> >
> ------------------------------------------------------------------------------
> > Audit your website security with Acunetix Web Vulnerability Scanner:
> >
> > Hackers are concentrating their efforts on attacking applications on
> your
> > website. Up to 75% of cyber attacks are launched on shopping carts,
> forms,
> > login pages, dynamic content etc. Firewalls, SSL and locked-down servers
>
> > are
> > futile against web application hacking. Check your website for
> > vulnerabilities
> > to SQL injection, Cross site scripting and other web attacks before
> > hackers do!
> > Download Trial at:
> >
> > http://www.securityfocus.com/sponsor/pen-test_050831
> >
> -------------------------------------------------------------------------------
> >
> >
>
>
> ------------------------------------------------------------------------------
> Audit your website security with Acunetix Web Vulnerability Scanner:
>
> Hackers are concentrating their efforts on attacking applications on your
> website. Up to 75% of cyber attacks are launched on shopping carts, forms,
>
> login pages, dynamic content etc. Firewalls, SSL and locked-down servers
> are
> futile against web application hacking. Check your website for
> vulnerabilities
> to SQL injection, Cross site scripting and other web attacks before
> hackers do!
> Download Trial at:
>
> http://www.securityfocus.com/sponsor/pen-test_050831
> -------------------------------------------------------------------------------

_________________________________________________________________
Get 10Mb extra storage for MSN Hotmail. Subscribe Now! 
http://join.msn.com/?pgmarket=en-hk


------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------