From: Carlos A. Morillo (carlos@morillo.us)
Date: Sat Jan 07 2006 - 13:54:25 EST
Configure your DSL access device as a bridge and get a entry level hardware
firewall, something like a PIX 501 or a NetScreen 5.
-- Carlos Morillo Atlanta, GA ----- Original Message ----- From: <kataka@hush.com> To: <pen-test@securityfocus.com> Sent: Saturday, January 07, 2006 10:47 AM Subject: DSL: Discovery Scanning Issues > DSL was finally brought to where I live, and I have started > experimenting with discovery scans using Nmap. > > The problem is, if I try and scan for more than 1024 ports on a > single host, my cheep-o Zoom DSL router/modem/switch/thingy starts > to flake out, in the sense I can't ping my DSL router any more and > I loose connectivity to the Internet until I reset the router. > > I believe this is because Nmap is filling up my router's NAT pool > or something. I've looked at the config of the router and it's only > got a 1024 connection NAPT port limit that cannot be adjusted and > timeouts measured in seconds as opposed to ms. > > What should I do? Are other people with low-end DSL routers able to > overcome this problem? Should I look at getting a better router, if > so, what kind? Or, is it best to not scan through NAT and assign my > Internet Routable IP to my scanning box directly? If so, how would > this work under DSL, would I need to buy some kind of an Ethernet > to RJ-11 adapter card, configure routing, install PPP encapsulation > software on the box itself? > > > > > Concerned about your privacy? Instantly send FREE secure email, no account > required > http://www.hushmail.com/send?l=480 > > Get the best prices on SSL certificates from Hushmail > https://www.hushssl.com?l=485 > > > ------------------------------------------------------------------------------ > Audit your website security with Acunetix Web Vulnerability Scanner: > > Hackers are concentrating their efforts on attacking applications on your > website. Up to 75% of cyber attacks are launched on shopping carts, forms, > login pages, dynamic content etc. Firewalls, SSL and locked-down servers > are > futile against web application hacking. Check your website for > vulnerabilities > to SQL injection, Cross site scripting and other web attacks before > hackers do! > Download Trial at: > > http://www.securityfocus.com/sponsor/pen-test_050831 > ------------------------------------------------------------------------------- > > ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:20 EDT