Not just both cards, but all IP's the system has bound (a single NIC can
have multiple IP's). Some services may just be bound to a single IP on the
system - just scanning one NIC/IP could leave you open if a particular
service is bound only to the other NIC/IP (like terminal services, FTP,
HTTP, etc.)
t
----- Original Message -----
From: <barcajax@gmail.com>
To: <pen-test@securityfocus.com>
Sent: Thursday, September 08, 2005 5:09 PM
Subject: Assessing a machine with 2 NICs
Lets say we have a machine running critical business applications
connected to the enterprise network on 2 NICs. From an assessment/audit
point of view, is it necessary to scan both NICs using assessment tools
like NMap and Nessus? Will both scan results produce the same findings (as
in same ports and services open)?
Does the OS or applications influence the detection of ports/services on
different NICs on the same physical machine?
------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:
Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
