RE: Discovery Scanning Issues

From: David Ball (lostinvietnam@hotmail.com)
Date: Sun Jan 08 2006 - 21:22:11 EST


I'd second Carlos' comment below on getting yourself set up with a proper
Firewall. The Juniper Netscreen 5GT with ADSL support is a worthy product
and it comes in a Wireless version if you need that kind of functionality.
I've found the home type ADSL combined router/switch/AP to be a bit flaky
when it comes to heavy duty scanning.

http://www.juniper.net/products/glance/nscn_5.html

David.

-----------------------------------------------------------------------
>
>"Carlos A. Morillo" <carlos@morillo.us>
>No Phone Info Available
>01/08/2006 02:54 AM
>
>To
><pen-test@securityfocus.com>
>cc
>
>Subject
>Re: Discovery Scanning Issues
>
>Configure your DSL access device as a bridge and get a entry level
>hardware firewall, something like a PIX 501 or a NetScreen 5.
>
>
>Carlos Morillo
>Atlanta, GA
>
>
>
>
>
>
>----- Original Message -----
>From: <kataka@hush.com>
>To: <pen-test@securityfocus.com>
>Sent: Saturday, January 07, 2006 10:47 AM
>Subject: DSL: Discovery Scanning Issues
>
>
> > DSL was finally brought to where I live, and I have started
> > experimenting with discovery scans using Nmap.
> >
> > The problem is, if I try and scan for more than 1024 ports on a
> > single host, my cheep-o Zoom DSL router/modem/switch/thingy starts
> > to flake out, in the sense I can't ping my DSL router any more and
> > I loose connectivity to the Internet until I reset the router.
> >
> > I believe this is because Nmap is filling up my router's NAT pool
> > or something. I've looked at the config of the router and it's only
> > got a 1024 connection NAPT port limit that cannot be adjusted and
> > timeouts measured in seconds as opposed to ms.
> >
> > What should I do? Are other people with low-end DSL routers able to
> > overcome this problem? Should I look at getting a better router, if
> > so, what kind? Or, is it best to not scan through NAT and assign my
> > Internet Routable IP to my scanning box directly? If so, how would
> > this work under DSL, would I need to buy some kind of an Ethernet
> > to RJ-11 adapter card, configure routing, install PPP encapsulation
> > software on the box itself?
> >
> >
> >
> >
> > Concerned about your privacy? Instantly send FREE secure email, no
>account
> > required
> > http://www.hushmail.com/send?l=480
> >
> > Get the best prices on SSL certificates from Hushmail
> > https://www.hushssl.com?l=485
> >
> >
> >
>------------------------------------------------------------------------------
> > Audit your website security with Acunetix Web Vulnerability Scanner:
> >
> > Hackers are concentrating their efforts on attacking applications on
>your
> > website. Up to 75% of cyber attacks are launched on shopping carts,
>forms,
> > login pages, dynamic content etc. Firewalls, SSL and locked-down servers
>
> > are
> > futile against web application hacking. Check your website for
> > vulnerabilities
> > to SQL injection, Cross site scripting and other web attacks before
> > hackers do!
> > Download Trial at:
> >
> > http://www.securityfocus.com/sponsor/pen-test_050831
> >
>-------------------------------------------------------------------------------
> >
> >
>
>
>------------------------------------------------------------------------------
>Audit your website security with Acunetix Web Vulnerability Scanner:
>
>Hackers are concentrating their efforts on attacking applications on your
>website. Up to 75% of cyber attacks are launched on shopping carts, forms,
>
>login pages, dynamic content etc. Firewalls, SSL and locked-down servers
>are
>futile against web application hacking. Check your website for
>vulnerabilities
>to SQL injection, Cross site scripting and other web attacks before
>hackers do!
>Download Trial at:
>
>http://www.securityfocus.com/sponsor/pen-test_050831
>-------------------------------------------------------------------------------
>

_________________________________________________________________
Get 10Mb extra storage for MSN Hotmail. Subscribe Now!
http://join.msn.com/?pgmarket=en-hk

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:20 EDT