Re: Scanning - anyone got ball park timings?

From: linux seaq (linux@seaq.com.co)
Date: Thu May 29 2003 - 18:33:53 EDT


Some time ago "Pete Herzog" <pete@isecom.org> (exactly on Thu, 29 May
2003 22:55:03 +0200) wrote:

>
> Rule of thumb for security testing enumeration-- straight out of
> OSSTMM 2.5 RED--
>

Hi, right now I'm doing a Nessus vuln scan with top20 in a ~3000 hosts /
multiple subnets network (about 90 subnets), all of them about 1, max 2,
hops from me.

First, I searched for online hosts, using nmap to scan for NetBIOS ports
and web ports; it took 2-3 hours without OS fingerprinting (it was done
several times in 2 weeks, so I could get a somewhat accurate map from the
network). If I used OS fp, it took from 6 to 10 hours to do the whole
scan.

Second, I split the detected hosts by subnet (the most populated has
about 200 hosts) and merged the subnets whose population was less than
50 hosts (so I could get 100-200 blocks of IPs).

Third, I started nessusd (yesterday, to be accurate), and for the first
subnet with 180 hosts it took about 3 hours (2 hops from me).

But today the next subnet (same size/hops) is taking 7 hours.

I'll send you the timings after the process is completed (well, I hope
it will finish some day).

Hope this helps

---
Andres Mauricio Mujica
SEAQ SERVICIOS CIA LTDA
www.seaq.com.co
---------------------------------------------------------------------------
----------------------------------------------------------------------------
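The batching step described in the message above (split live hosts by subnet, keep populated subnets as their own scan block, merge subnets with fewer than 50 hosts), as an added example that is not part of the original post. It assumes /24 subnets, reads "100-200" as the intended block size, and uses a simple greedy merge; the function names and the host list are constructed for illustration.

```python
import ipaddress
from collections import defaultdict

SMALL = 50        # subnets below this population get merged (from the post)
BLOCK_MAX = 200   # upper bound on a merged block (from the post)
PREFIX = 24       # assumption: the post does not give subnet masks


def group_by_subnet(hosts, prefix=PREFIX):
    """Map each subnet to the sorted list of live hosts found in it."""
    groups = defaultdict(list)
    for h in hosts:
        ip = ipaddress.ip_address(h)
        net = ipaddress.ip_network(f"{ip}/{prefix}", strict=False)
        groups[net].append(ip)
    return {net: sorted(ips) for net, ips in groups.items()}


def make_blocks(groups, small=SMALL, block_max=BLOCK_MAX):
    """Return scan blocks: populated subnets alone, small ones merged."""
    blocks, current = [], []
    for net in sorted(groups):
        ips = groups[net]
        if len(ips) >= small:
            blocks.append(ips)            # populated subnet: its own block
            continue
        if current and len(current) + len(ips) > block_max:
            blocks.append(current)        # merged block is full, close it
            current = []
        current = current + ips
    if current:
        blocks.append(current)            # leftover small subnets, may be short
    return blocks


def sample_hosts():
    """Constructed sample: (third octet, live host count) per /24."""
    layout = [(1, 180), (2, 30), (3, 40), (4, 45), (5, 120), (6, 49), (7, 45)]
    return [f"10.0.{net}.{i}" for net, n in layout for i in range(1, n + 1)]


if __name__ == "__main__":
    # One line per block; each block would become one scanner target list.
    for n, block in enumerate(make_blocks(group_by_subnet(sample_hosts())), 1):
        print(f"block {n:02d}: {len(block)} hosts, {block[0]} .. {block[-1]}")
```

Recording start and end times per block makes outliers such as the 3-hour versus 7-hour subnets in the message easy to spot.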


This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:33 EDT