From: Evans, Arian (Arian.Evans@fishnetsecurity.com)
Date: Wed Nov 24 2004 - 15:55:07 EST
> -----Original Message-----
> From: dale ball [mailto:dale_ball@yahoo.com]
> Sent: Tuesday, November 23, 2004 12:34 PM
> To: pen-test@securityfocus.com
> Subject: Retina scans caused broadcast storms
>
> Has anyone ever caused a full blown broadcast storm by using
> the Retina Security Scanner.
No, but it is possible with any scanner, depending on what
you are scanning and what port scanning options/ranges you
have set in Retina (or Nessus or Foundscan or whatever). Some
older network gear and *nixes will respond pretty happily to
everyone with a bit of probing.
Also, if you have fed Retina windows auth credentials and
told it to do full log-on NTLM scans, and you also have
speed set to '5', you are 100% guaranteed to see a performance
impact on systems. Slower workstations may see a significant
performance impact in application responsiveness and network
connectivity.
This can be avoided by using a less aggressive configuration.
Retina pretty much does what you tell it to.
HtH
Arian Evans
Sr. Security Engineer
FishNet Security
KC Office: 816.421.6611
Direct: 816.701.2045
Toll Free: 888.732.9406
Fax: 816.474.0394
http://www.fishnetsecurity.com
The information transmitted in this e-mail is intended only for the addressee and may contain confidential and/or privileged material.
Any interception, review, retransmission, dissemination, or other use of, or taking of any action upon this information by persons or entities
other than the intended recipient is prohibited by law and may subject them to criminal or civil liability. If you received this communication
in error, please contact us immediately at 816.421.6611, and delete the communication from any computer or network system.
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:09 EDT