Penetration Testing
Nmap Sep 30 2011 09:17PM
Ukpong (ukpong ukpong gmail com) (3 replies)
Re: Nmap Oct 02 2011 02:37AM
Jeffory Atkinson (jatkinson zelvin com) (1 replies)
Re: Nmap Oct 02 2011 09:35PM
John M. Martinelli (john martinelli redlevel org) (2 replies)
This would work but it would be kind of "noisy" to open port scan
every host. Also probably a little more time consuming.

Adding in syn scan or open port scan will create more time required as
we're now looking for open ports. What if all ports are closed? Will
it respond to a certain type of ICMP?

I think a great question to ask is: "What is the least-impactful way I
can very quickly determine what hosts are alive?" without a
traditional ping sweep.

On Sat, Oct 1, 2011 at 10:37 PM, Jeffory Atkinson <jatkinson (at) zelvin (dot) com [email concealed]> wrote:
>
> All depends on what you are trying to achieve. I would assume that you are not concerned about monitoring devices seeing you have done a ping sweep with nmap. I agree with others a port scan is going to give you the best idea if a host is active. There are Many instances filtering devices can drop icmp or respond for hosts behind them.  Open ports and services are the best identifiers. A port has to be open in some form (open or filtered) to interact with in-bound connections. I would recommend a -sS (syn) scan you can opt for standard services or add -p1- for all 65k+ ports. All ports will verify and services/demons running. There are other options if bandwidth is an issue.
>
>
> On Sep 30, 2011, at 5:17 PM, Ukpong <ukpong.ukpong (at) gmail (dot) com [email concealed]> wrote:
>
> > Can somebody suggest the best NMAP commands for identifying hosts that
> > are not responding to ICMP ping requests ?
> >
> > ------------------------------------------------------------------------

> > This list is sponsored by: Information Assurance Certification Review Board
> >
> > Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
> >
> > http://www.iacertification.org
> > ------------------------------------------------------------------------

> >
>
> ------------------------------------------------------------------------

> This list is sponsored by: Information Assurance Certification Review Board
>
> Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
>
> http://www.iacertification.org
> ------------------------------------------------------------------------

>

------------------------------------------------------------------------

This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------

[ reply ]
Re: Nmap Jan 02 2012 05:03PM
Juan Pablo (juan quine gmail com) (1 replies)
RE: Nmap Jan 02 2012 08:59PM
S Walker (walker_s hotmail co uk)
Opinions on Burp Suite Web App Scanner Oct 12 2011 03:31PM
Derrenbacker, L. Jonathan (JDerrenbacker KSHGS com) (5 replies)
Re: Opinions on Burp Suite Web App Scanner Oct 12 2011 05:14PM
Robin Wood (robin digininja org)
RE: Opinions on Burp Suite Web App Scanner Oct 12 2011 04:41PM
Ben de Bont (bendebont gmail com) (1 replies)
Re: Opinions on Burp Suite Web App Scanner Oct 19 2011 05:15AM
Meenal Mukadam (meenal mukadam gmail com) (1 replies)
Re: Opinions on Burp Suite Web App Scanner Oct 21 2011 01:24PM
Yiannis Koukouras (ikoukouras gmail com)
Re: Opinions on Burp Suite Web App Scanner Oct 12 2011 04:38PM
Fabio Cerullo (fcerullo gmail com)
Re: Opinions on Burp Suite Web App Scanner Oct 12 2011 04:37PM
Matt Gardenghi (mtgarden gmail com)
Re: Opinions on Burp Suite Web App Scanner Oct 12 2011 04:29PM
pand0ra (pand0ra usa gmail com)
Re: Nmap Oct 01 2011 06:40PM
Mel Chandler (mel chandler gmail com) (2 replies)
Re: Nmap Oct 03 2011 01:49PM
Marco Ivaldi (raptor mediaservice net)
Re: Nmap Oct 01 2011 06:48PM
james zero-internet org uk
Re: Nmap Oct 01 2011 06:33PM
Tim Gonzales (tim gonzales gmail com) (1 replies)
Re: Nmap Oct 01 2011 08:11PM
Jerry (sec-acct 14 oryx cc)


 

Privacy Statement
Copyright 2010, SecurityFocus