Re: Assessing a machine with 2 NICs

From: Mark Owen (mr.markowen@gmail.com)
Date: Mon Sep 12 2005 - 12:07:58 EDT


On 9 Sep 2005 00:09:12 -0000, barcajax@gmail.com <barcajax@gmail.com> wrote:
> Lets say we have a machine running critical business applications connected to the >enterprise network on 2 NICs. From an assessment/audit point of view, is it necessary to >scan both NICs using assessment tools like NMap and Nessus? Will both scan results >produce the same findings (as in same ports and services open)?

Different NICs could be running different services. If I have IIS or
Apache running on a box, I could configure it to use only one NIC or
both NICs. If that is the case then each NIC will return different
results.

> Does the OS or applications influence the detection of ports/services on different NICs on >the same physical machine?

Not likely by default, but you never know. A default install of
Windows or GNU/Linux will not be influenced by a scan. However, it is
possible to install applications that will detect a scan and react to
scans, therefore giving the scans inaccurate information.
Mark Owen

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:52 EDT