PaulDotCom mailing list archives
Re: Asset discovery and ICMP protocol
From: Zate <zate75 () gmail com>
Date: Tue, 15 Feb 2011 10:59:37 -0500
You can always try the TCP ping stuff in nmap, typically most devices (at least the ones you might care about) have management ports. so scan for things like 22, 23, 80, 443, 139, 445, 3389 and the like. commonly used ports that would be present on a device you'd expect to see. this wont get you everything, but if your scanner has decent access it should get you a large chunk of the regular devices on a network. it can be done pretty quickly in nmap too. Look at the -PS/PA/PU/PY switches. Zate On Tue, Feb 15, 2011 at 10:25 AM, Kevin Shaw <kevin.lee.shaw () gmail com>wrote:
Nmap uses more than ICMP ping requests to determine the hosts on a network http://nmap.org/book/man-host-discovery.html. Also, you may use your tool of choice *without* using a network discovery method; for example scanning for NETBIOS, SMB, web, etc. or arbitrarily portscanning every single address. If you are just trying to conduct an assessment; DNS records, host files, or similar means should be a way for you to assess the entire system. Do you have an accurate and complete inventory? I would only use an arbitrary scanning method (again no pings, arp, etc.) if I am validating an inventory or looking for rogue devices. It can take a very long time to scan 65K+ ports even on a half dozen IP addresses let alone an entire Class C - but you may have to do that for rogue device detection to catch an attempted hidden listening high number port. On Tue, Feb 15, 2011 at 12:51 AM, Subba Rao <kleanchap () tanucoo com> wrote:I have a few questions on Vulnerability assessment. How can network assets in an Enterprise network be discovered if the ICMP is turned off on the network? Does NMap depend on the ICMP protocol for mapping the network assets? How do the commercial vulnerability scanners discover the assets? Thank you in advance. Subba Rao _______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com_______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
_______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
Current thread:
- Asset discovery and ICMP protocol Subba Rao (Feb 15)
- Re: Asset discovery and ICMP protocol Albert R. Campa (Feb 15)
- Re: Asset discovery and ICMP protocol Kevin Shaw (Feb 15)
- Re: Asset discovery and ICMP protocol Zate (Feb 15)
- Re: Asset discovery and ICMP protocol Mike Patterson (Feb 15)