Re: Mapping Class A network ( any easy trick?)

From: John Thomas (mjohn2000_99@yahoo.com)
Date: Fri Feb 11 2005 - 23:23:44 EST


In-Reply-To: <6b0d9eef050210044538f5dda4@mail.gmail.com>

Thanks everybody for your advice, they were very helpful.
I forgot to give u details about my scan. It is a private network consisting of about 10,000 hosts. I am planning this step as the first step of the penetration testing (well, I may have to cut down to a vulnerability scan like u guys suggested).

I am thinking about going for an nmap ping sweep. That would give me all (well, most of them) IPs. I am also looking into some of the tools and tricks (DNS, SNMP, etc.) suggested by you. Nmap was doing a pretty good job for me, so I can't just give away my friend. ;)

Well, thanks again guys

>
>Hi,
>
>I once used a program called networkview to scan a Class A network. In
>4 hours it was at 36% of the scan. I was scanning for "normal" ports
>and a few others of my concern. Very impressive, very fast. I was
>using a 3Mbps download 256Kbps upload connection at the time.
>
>Some info from publisher:
>
>NetworkView 3.1 Rating: 5/5
>
>--------------------------------------------------------------------------------
>
>License: Shareware
>
>Price: $79.00
>
>Expires after 30 Days
>
>Information:
>This is a compact network discovery and management tool for the Win32
>platform. It will discover all TCP/IP nodes and draw a full graphical
>map, including routes, from DNS, MAC Addresses, SNMP, WMI and TCP port
>information. It can also poll the network and send an e-mail when
>nodes are unreachable.
>With more than 11,000 entries in its SNMP and MAC address databases,
>it can be used from a floppy disk. Full print and print preview
>capabilities for maps and lists are included.
>
>Note: SNMP must be installed, and administrator rights are necessary
>for discovery and monitoring.
>
>Additional Software Required:
>SNMP
>
>Cheap and fast. That's how I like it.
>
>Note: I do not work for the publisher nor will I get money for this
>(Damn, I should get money for this!).
>
>Hope it helps.
>
>
>
>
>On Tue, 08 Feb 2005 09:34:10 -0800 (PST), John Thomas
><mjohn2000_99@yahoo.com> wrote:
>>
>>
>> I am about to do penetration testing on a "Class A
>> network" and wondering how I can map the network
>> without pinging 17 million IPs. (nmap -sP 10.0.0.0/8)
>>
>> I did some research and the best information I got is
>> from one of the earlier posts on this
>> list (http://seclists.org/lists/pen-test/2004/Jul/0067.html).
>> It was to use broadcast IPs for pings. But it may miss some subnets.
>>
>> Is that the best way to do it? If not, please advise
>>
>
>
>--
>Ismael Gonzalez
>CEO / Consultant
>Allied Technologies, Inc.
>
