From: Thor (Hammer of God) (thor@hammerofgod.com)
Date: Mon Sep 12 2005 - 00:07:50 EDT
Not just both cards, but all IP's the system has bound (a single NIC can
have multiple IP's). Some services may just be bound to a single IP on the
system - just scanning one NIC/IP could leave you open if a particular
service is bound only to the other NIC/IP (like terminal services, FTP,
HTTP, etc.)
t
----- Original Message -----
From: <barcajax@gmail.com>
To: <pen-test@securityfocus.com>
Sent: Thursday, September 08, 2005 5:09 PM
Subject: Assessing a machine with 2 NICs
> Lets say we have a machine running critical business applications
> connected to the enterprise network on 2 NICs. From an assessment/audit
> point of view, is it necessary to scan both NICs using assessment tools
> like NMap and Nessus? Will both scan results produce the same findings (as
> in same ports and services open)?
> Does the OS or applications influence the detection of ports/services on
> different NICs on the same physical machine?
>
------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:
Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:52 EDT