Re: Assessing a machine with 2 NICs

From: Fósforo (fosforo@gmail.com)
Date: Sun Sep 11 2005 - 15:33:31 EDT

• Next message: Mordread Wallas: "Re: nmap showing port 21 (ftp) open, but port is actually closed"
• Previous message: Bruce K. Marshall: "Re: Whitespace in passwords"
• In reply to: barcajax@gmail.com: "Assessing a machine with 2 NICs"
• Next in thread: Andres Riancho: "Re: Assessing a machine with 2 NICs"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Yes, you should scan both NICs to get different views and the OS
detection can also change depending on the closed/open services in
each interface.
Some critical services shouldn't return high-risk information mainly
in the public NIC (assuming one of the nics is directly connected to
the internet).
if running nmap i suggest try the last 3.90, with services database improved.

t+

9 Sep 2005 00:09:12 -0000, barcajax@gmail.com <barcajax@gmail.com>:
> Lets say we have a machine running critical business applications connected to the enterprise network on 2 NICs. From an assessment/audit point of view, is it necessary to scan both NICs using assessment tools like NMap and Nessus? Will both scan results produce the same findings (as in same ports and services open)?
> Does the OS or applications influence the detection of ports/services on different NICs on the same physical machine?
>
> ------------------------------------------------------------------------------
> Audit your website security with Acunetix Web Vulnerability Scanner:
>
> Hackers are concentrating their efforts on attacking applications on your
> website. Up to 75% of cyber attacks are launched on shopping carts, forms,
> login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
> futile against web application hacking. Check your website for vulnerabilities
> to SQL injection, Cross site scripting and other web attacks before hackers do!
> Download Trial at:
>
> http://www.securityfocus.com/sponsor/pen-test_050831
> -------------------------------------------------------------------------------
>
>

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

• Next message: Mordread Wallas: "Re: nmap showing port 21 (ftp) open, but port is actually closed"
• Previous message: Bruce K. Marshall: "Re: Whitespace in passwords"
• In reply to: barcajax@gmail.com: "Assessing a machine with 2 NICs"
• Next in thread: Andres Riancho: "Re: Assessing a machine with 2 NICs"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:52 EDT