Penetration Testing mailing list archives
Re: Nmap
From: james () zero-internet org uk
Date: Sat, 1 Oct 2011 18:48:30 +0000
Most of the time using nmap to tell if a host is up is the wrong thing to do. What's the background? What's the host? Why not try an ssh/rdp port, or looking for a webserver? Port scanning is messy and noisy, you're better testing thing one by one like that. Sent from my BlackBerry® wireless device -----Original Message----- From: Mel Chandler <mel.chandler () gmail com> Sender: listbounce () securityfocus com Date: Sat, 1 Oct 2011 11:40:19 To: Ukpong<ukpong.ukpong () gmail com> Cc: <pen-test () securityfocus com> Subject: Re: Nmap The best way I can think of off the top of my head is to do two similar scans, one with a ping scan and the other looking for open ports but without pinging (-Pn) dumping them to two different files and do a diff between them. Granted if you have a host out there without any ports open (or you just didn't scan for the port it had open) you'll miss it. Maybe someone else has a better idea? Chandler Bing On Fri, Sep 30, 2011 at 2:17 PM, Ukpong <ukpong.ukpong () gmail com> wrote:
Can somebody suggest the best NMAP commands for identifying hosts that are not responding to ICMP ping requests ? ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Nmap Ukpong (Oct 01)
- Re: Nmap Mel Chandler (Oct 01)
- Re: Nmap james (Oct 01)
- Re: Nmap Marco Ivaldi (Oct 03)
- Re: Nmap Tim Gonzales (Oct 01)
- Re: Nmap Jerry (Oct 01)
- Re: Nmap Jeffory Atkinson (Oct 01)
- Re: Nmap John M. Martinelli (Oct 03)
- Opinions on Burp Suite Web App Scanner Derrenbacker, L. Jonathan (Oct 12)
- Re: Opinions on Burp Suite Web App Scanner pand0ra (Oct 12)
- Re: Opinions on Burp Suite Web App Scanner Fabio Cerullo (Oct 12)
- Re: Opinions on Burp Suite Web App Scanner Matt Gardenghi (Oct 12)
- RE: Opinions on Burp Suite Web App Scanner Ben de Bont (Oct 12)
- Re: Nmap John M. Martinelli (Oct 03)
- Re: Nmap Mel Chandler (Oct 01)