
Re: ping before scan of the host

Subject: Re: ping before scan of the host
Date: Sun, 30 Jan 2005 11:28:10 -0500
If you are familiar with nmap, you can use that to scan a host (if you know what type of host that is). Scans can be done on common service ports like 25, 53 (udp), 80, 443, 445, etc. and would tell you about the status of the host in question. For udp ports you can try the PU switch to send out udp probes.

nmap -vv -n -sP -PT80 x.x.x.x

The above command from any linux/solaris/bsd host capable of running nmap from the command line would accomplish a scan on the targeted host with the ip address denoted by x.x.x.x and would find out if it is listening on tcp port 80, for instance. The scan process could take a long time if you choose to scan all 65335 ports.

The following command could also accomplish a scan of a range of ip addresses by means of simple ping scanning:

nmap -vv -n -sP x.x.x.x/yy

Once you know which hosts are up, just use nessus to do vulnerability scanning of hosts that are up.

Hope this helps.

S



----- Original Message -----
From: <chmod077@gmx.de>
To: <Nessus@list.nessus.org>
Sent: Saturday, January 29, 2005 2:34 PM
Subject: ping before scan of the host



Dear scanners,
I have to scan a range of IPs automatically (via commandline)
e.g. 10.1.2.0/16.

And I really do not know which IPs are online.
I want to prevent my scan from taking hours or days because
of waiting for timeouts....

I read about switching off the nmap portscans inside Nessus because of
timing problems.

So I think about doing a ping before scanning
each of the boxes.


Can this ping be done inside the Nessus scan? If yes, what do I need to do? OR Is it better to

first do a nmap-ping-scan > file_of_IP_alive
then  do the nmap-scan with [file_of_IP_alive] as input ?

would be nice to get a hint.
Thank you all.


-- NCSISU Non Certified Security Information Systems User

_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
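
The two-step approach discussed in this thread (ping scan into a file of live IPs, then scan only those), as an added example that is not part of either post. The function names and the sample scan output are constructed for illustration; it assumes nmap's grepable output (`-oG -`) and uses the `-sP` ping-scan switch from the reply.

```shell
#!/bin/sh
# Added example: ping-sweep a range, keep only responding hosts, and write
# them to a target file for the later scan. Names here are hypothetical.

# Read nmap grepable (-oG) output on stdin; print each "Status: Up" address
# once, in numeric order.
extract_live_hosts() {
    awk '$1 == "Host:" && /Status: Up/ { print $2 }' |
        sort -u -t . -k1,1n -k2,2n -k3,3n -k4,4n
}

# Constructed sample of what `nmap -v -n -sP -oG - <range>` emits.
sample_scan() {
    printf '# Nmap scan initiated (constructed sample)\n'
    printf 'Host: %s ()\tStatus: %s\n' \
        10.1.2.10 Up  10.1.2.1 Down  10.1.2.2 Up  10.1.2.9 Up
}

# build_target_file RANGE OUTFILE: sweep RANGE and write live hosts to OUTFILE.
# The file is replaced only if at least one host answered.
build_target_file() {
    range=$1
    out=$2
    tmp=$(mktemp) || return 1
    nmap -n -sP -oG - "$range" | extract_live_hosts > "$tmp"
    if [ -s "$tmp" ]; then
        mv "$tmp" "$out"
    else
        rm -f "$tmp"
        echo "no live hosts found in $range" >&2
        return 1
    fi
}

if [ "$#" -eq 2 ]; then
    build_target_file "$1" "$2"     # e.g. ./sweep.sh x.x.x.x/yy file_of_IP_alive
else
    sample_scan | extract_live_hosts   # demo on the constructed sample
fi
```

Hosts that do not answer the discovery probes are left out of the file and so are never vulnerability-scanned; comparing the list against an asset inventory shows what the sweep missed.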
