Re: Scanning Class A network

["Steve Micallef" <steve () binarypool com>]

Hi tarunthenut,

> The scan needed to be carried out externally, and not from within the
> network to identify hosts and ports exposed to the Internet.
> The problem compounded cause of the following limitations :
> 1. ICMP was not allowed in the network

This isn't a big problem

> 2. The IP range was to be scanned every month for the entire port range 
> fro=
> m
> 1-65535 for TCP & UDP

Scanning TCP using SYN scanning should be quite fast (make sure you're 
running nmap as root, otherwise it won't use SYN scanning), however there 
isn't much in the way of fast UDP scanning due to its connectionless nature, 
hence the scanner needs to send out a UDP packet and hope one comes back (or 
a 'port unreachable' ICMP message).

> After searching for a suitable scanner which could scan such a large range
> in reasonable time, I could think of only nmap, nessus, superscan and ISS.
> But because of the limitations stated above,all the tools took a huge
> amount of time (ran into month).

You might want to check out Unicornscan. I haven't used it myself, but I've 
heard it's quite fast: http://www.unicornscan.org/main.html.

Cheers,

Steve Micallef
http://www.binarypool.com 

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------