RE: Scanning Class A network

From: Michael Gargiullo (mgargiullo@pvtpt.com)
Date: Tue Oct 25 2005 - 15:27:09 EDT

• Next message: Chris Moody: "Re: mac to ip address tools"
• Previous message: Talisker: "RE: Scanning Class A network"
• Maybe in reply to: tarunthenut@gmail.com: "Scanning Class A network"
• Next in thread: Adam Jones: "Re: Scanning Class A network"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Think about it for a minute and do the math involved

2 trillion ports to check without a reliable method of identifying live
IP addresses.

The network you're scanning will have changed significantly in the time
it takes to complete the scan. The results will not be reliable at all.

Assuming you could build a cluster to check 100,000 ports per second,
your still talking running 33 weeks straight. Now in reality, it takes
longer then 1 second to check a port, especially if it's live.

Whoever tasked you to do this has no concept.

You could probably pull it off, if you built a huge cluster, and
consumed the majority of their bandwidth (don't forget your also limited
to the amount of outbound traffic your internet connection can handle,
ie... 384k, 768k, 1.5mb, 45mb, etc...)

Now if you could get your contract to say you get paid .1 of a penny per
port... a few months of that and you'd surpass Bill Gates' wealth.

Sorry mate, unless you spread it out over 6 months or a year, it's not
something easily done.

-Mike

-----Original Message-----
From: Mike Jones [mailto:sopiaz57@gmail.com]
Sent: Monday, October 24, 2005 2:39 PM
To: Michael Gargiullo
Cc: pen-test@securityfocus.com
Subject: Re: Scanning Class A network

You may need a bit more than a cluster of 2 386's to scan this many
ports: (tcp and udp)

2,198,989,438,980

Have you looked into the Insane option for nmap using a cluster. (See
http://openmosix.sourceforge.net/)

Sounds like an educational institution, why dont you take over a few
large computer labs and post results.

tarunthenut@gmail.com wrote:

>Hello All,
> Recently I was given a task to carry out a port scan of an entire
valid
>Class A range (Dont ask me what the huge pool of valid IP's was for :)
).
>The scan needed to be carried out externally, and not from within the
>network to identify hosts and ports exposed to the Internet.
> The problem compounded cause of the following limitations :
>1. ICMP was not allowed in the network
>2. The IP range was to be scanned every month for the entire port range
fro=
>m
>1-65535 for TCP & UDP
> After searching for a suitable scanner which could scan such a large
range
>in reasonable time, I could think of only nmap, nessus, superscan and
ISS.
> But because of the limitations stated above,all the tools took a huge
>amount of time (ran into month).
> I have struggled with options within the tools, tried configurable
>parameters (host time out, parallelism, RTT etc) and divided into
smaller
>class C networks and scanned.but still the scan seems to take ages even
if
>it is
> Any advise would be welcome :)
>
>Cheers
> tarunthenut
>
>-----------------------------------------------------------------------
-------
>Audit your website security with Acunetix Web Vulnerability Scanner:
>
>Hackers are concentrating their efforts on attacking applications on
your
>website. Up to 75% of cyber attacks are launched on shopping carts,
forms,
>login pages, dynamic content etc. Firewalls, SSL and locked-down
servers are
>futile against web application hacking. Check your website for
vulnerabilities
>to SQL injection, Cross site scripting and other web attacks before
hackers do!
>Download Trial at:
>
>http://www.securityfocus.com/sponsor/pen-test_050831
>-----------------------------------------------------------------------
--------
>
>
>
>

------------------------------------------------------------------------
------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on
your
website. Up to 75% of cyber attacks are launched on shopping carts,
forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers
are
futile against web application hacking. Check your website for
vulnerabilities
to SQL injection, Cross site scripting and other web attacks before
hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
------------------------------------------------------------------------
-------

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

• Next message: Chris Moody: "Re: mac to ip address tools"
• Previous message: Talisker: "RE: Scanning Class A network"
• Maybe in reply to: tarunthenut@gmail.com: "Scanning Class A network"
• Next in thread: Adam Jones: "Re: Scanning Class A network"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:05 EDT