Re: Port Scanning

From: 4secure@web.de
Date: Wed Dec 15 2004 - 04:37:11 EST


Beside the available bandwidth it is to be necessary to thoughts over the number of maximum session.

With an extensive port scan it can come otherwise to unpleasant surprises:

1.) network equipment (e.g. firewall) on the side of the tester blocks the scan, if no more sessions can be administered.

2.) network equipment on the test side cannot accept far more sessions.

The consequence is: The tester receives wrong results and/or the internet access of one or both sides will be blocked by the scan.

If such a thing happens, it has the same effect, as DoS attack.

The more slowly a scan is accomplished, the smaller is the danger that it comes to disturbances.
This applies also if not the complete port range is examined (fewer sessions).
With a slow Scan the results are more exact.
With attainable systems one should examine however the complete port range.

One can optimize the local side quite well, so that it dose not come to session problems with a fast and extensive scan. With the remote side the situation looks however differently.

- Istvan
__________________________________________________________
Mit WEB.DE FreePhone mit hoechster Qualitaet ab 0 Ct./Min.
weltweit telefonieren! http://freephone.web.de/?mc=021201



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:11 EDT