Re: DSL modems used for pen-testing

From: Peter Wood (peterw@firstbase.co.uk)
Date: Fri Jul 11 2003 - 02:55:03 EDT


We have had exactly this problem running both Mingsweeper and Internet
Scanner on our ADSL line. This is with an ADSL router installed by British
Telecom. Nmap so far seems to have been okay. The only difference we could
come up with was that nmap is scanning in a random (non-sequential) order.
We now have a second ADSL line and are going to test a Netgear DM602 for
comparison.

Pete

At 12:13 09/07/2003 -0700, you wrote:
>Has anyone else run into the problem of "swamping" the connection tables
>in their DSL modems (on the attack side and the target side)? I
>currently have a Zyxel 643 router/ADSL modem that I "wanted to use for
>pen-testing, but the darn thing dies when doing something as simple as a
>port scan.
>
>I you have run into the problem, what was the fix other than throttling
>the scanning app? If a new modem, which one?
>
>TIA
>
>Toby
>
>
>---------------------------------------------------------------------------
>The Lightning Console aggregates IDS events, correlates them with
>vulnerability info, reduces false positives with the click of a button,
>anddistributes this information to hundreds of users.
>
>Visit Tenable Network Security at http://www.tenablesecurity.com to learn
>more.
>----------------------------------------------------------------------------
>
>
>

----------------------------------------------------------
Peter Wood
Chief of Operations
First Base Technologies
+44 (0)1273 454525
www.fbtechies.co.uk
www.white-hats.co.uk

---------------------------------------------------------------------------
The Lightning Console aggregates IDS events, correlates them with
vulnerability info, reduces false positives with the click of a button, anddistributes this information to hundreds of users.

Visit Tenable Network Security at http://www.tenablesecurity.com to learn
more.
----------------------------------------------------------------------------



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:36 EDT