Network Security Pen-Test

Re: Scanning Class A network

Subject: Re: Scanning Class A network
Date: Wed, 26 Oct 2005 08:26:55 -0700
A lot of people have mentioned the bandwidth involved in doing this,
and I wonder if it would be possible to fake an external scan using IP
address spoofing and some passive monitoring equipment. The idea would
be to take an IP address outside of the network's address range and
either assign that to a machine or spoof packets to that address and
if you did use spoofing pick up return packets passively as they try
to find their way out. Probably should do this with an IP address that
you control, otherwise you might get someone just a bit upset.

Really though if their firewalls are configured to silently drop
packets that do not actually "hit" something (as most of the
configurations I see today do) then you will be at this forever. My
suggestion is to try and get this divided up. Get an idea of what they
are looking for with this audit. If they want insecure machines/rogue
servers on systems they know are live then use the ARP tables on your
routers (as someone suggested earlier) to put together a scan list. If
they want to catch unauthorized network connections try to do some
work correlating DHCP assignments with known hosts and see what is
left over after you are done. My point is that "scan this entire class
A 1-65535" is probably A) more data than can be easily interpreted to
make useful, B) more work than that data will probably be worth, and
C) nowhere near as effective as focusing on specific individual tasks.

In the end though the guys that write the checks make the decisions.
If trying to get them to take a more reasonable course of action here
does not work then a lot of other people have great suggestions on how
to get it done.

-Adam
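
The ARP-table and DHCP correlation suggested in the message above, as an added example that is not part of the original post. The ARP text is constructed in the style of Cisco `show ip arp` output; the `ip mac hostname` lease export, the inventory and all addresses are assumptions made for illustration.

```python
import ipaddress
import re

# Constructed sample inputs (not from the original post).
ARP_TABLE = """\
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  10.20.1.1               -   0011.2233.0001  ARPA   Vlan20
Internet  10.20.1.15             12   0011.2233.0a15  ARPA   Vlan20
Internet  10.20.1.77              3   0011.2233.0b77  ARPA   Vlan20
Internet  10.20.1.90              0   Incomplete      ARPA
Internet  10.20.1.200             5   0011.2233.0c00  ARPA   Vlan20
"""
# Hypothetical lease export: one "ip mac hostname" entry per line.
DHCP_LEASES = """\
10.20.1.15 00:11:22:33:0a:15 ws-finance-04
10.20.1.77 00:11:22:33:0B:77 unknown-laptop
"""
KNOWN_HOSTS = {"00:11:22:33:00:01": "core-gw", "00-11-22-33-0A-15": "ws-finance-04"}

def norm_mac(raw):
    """Accept dotted, dashed or colon notation; return None if not a MAC."""
    digits = re.sub(r"[^0-9a-fA-F]", "", raw).lower()
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2)) if len(digits) == 12 else None

def parse_arp(text):
    """{ip: mac} for resolved rows; header and Incomplete rows are skipped."""
    rows = (l.split() for l in text.splitlines())
    pairs = ((p[1], norm_mac(p[3])) for p in rows if len(p) >= 4 and p[0] == "Internet")
    return {ip: mac for ip, mac in pairs if mac}

def parse_leases(text):
    """{mac: (ip, hostname)} from 'ip mac hostname' lines."""
    rows = (l.split() for l in text.splitlines())
    return {norm_mac(p[1]): (p[0], p[2]) for p in rows if len(p) >= 3 and norm_mac(p[1])}

def triage(arp, leases, known):
    """Scan list of live hosts plus the two 'left over' buckets."""
    known = {norm_mac(m) for m in known}
    return {
        "scan_list": sorted(arp, key=ipaddress.ip_address),
        "unknown_dhcp": sorted((ip, mac, name) for mac, (ip, name) in leases.items()
                               if mac not in known),
        "unknown_static": sorted((ip, mac) for ip, mac in arp.items()
                                 if mac not in known and mac not in leases),
    }

if __name__ == "__main__":
    for bucket, rows in triage(parse_arp(ARP_TABLE), parse_leases(DHCP_LEASES), KNOWN_HOSTS).items():
        print(bucket, rows)
```

`unknown_static` holds hosts that answer ARP but have neither a lease nor an inventory entry, which is the "left over" set worth a focused look.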
