Network Scanning Done Right
by admin | Sep 10, 2012 | Blog

Network scanning starts as a simple task:

    nmap -oA target

Unfortunately, it quickly turns into a complicated endeavor requiring a combination of automation, manual tuning, intuition, and discipline. Here are a few gotchas we regularly run into and try to solve:

- A network device (typically a firewall) reports all IPs as active and/or all ports as open/filtered.
- Solaris devices consume a ton of scanning time.
- Scan names mixed and matched by different scan team members lead to repeat scanning and/or "lost" results.
- The target range includes the scanning box itself, leading to "self scanning" and improper reporting.
- An IDS/IPS blocks or slows scanning traffic.

This is just a short list of some of the problems, but it shows how a simple task becomes an all-day or multi-day event requiring considerable skill and understanding of the tools (i.e., nmap, hping2, nikto, etc.).

We often respond to new challenges by looking to automate, or at least standardize, certain elements, such as our naming convention for scan results or how we tackle zone-to-zone testing on a multizone network.

We will follow up with some of the tips and tricks we teach new scan team members to help avoid common pitfalls.
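As an added illustration (not the post's own tooling), here is a small POSIX shell wrapper that addresses two of the pitfalls above: it derives the -oA output name from a fixed convention (date, source zone, destination zone, target), refuses to overwrite an existing result set so nobody repeats a scan, and always excludes the scanner's own address so the box never scans itself. The convention itself and the sample values (zone names, 192.0.2.10, 10.0.0.0/24) are assumptions for the example; the command is only printed, not executed.

```shell
# Assumed convention: <YYYYMMDD>_<fromzone>-to-<tozone>_<target>, with "/" in the
# target spec replaced by "_" so the name is a valid filename.
scan_basename() {
    # $1 = source zone, $2 = destination zone, $3 = target spec, $4 = date (YYYYMMDD)
    target_tag=$(printf '%s' "$3" | tr '/' '_')
    printf '%s_%s-to-%s_%s' "$4" "$1" "$2" "$target_tag"
}

# Returns 1 (and prints nothing) if any of the three -oA files already exists,
# so a second team member cannot silently re-run and clobber a finished scan.
build_scan_cmd() {
    # $1..$4 as above, $5 = scanner's own IP(s), comma-separated, for --exclude
    base=$(scan_basename "$1" "$2" "$3" "$4")
    for ext in nmap gnmap xml; do
        if [ -e "$base.$ext" ]; then
            echo "refusing: $base.$ext already exists (scan already run?)" >&2
            return 1
        fi
    done
    # Dry run: print the command line; a caller can pipe it to sh when ready.
    printf 'nmap --exclude %s -oA %s %s\n' "$5" "$base" "$3"
}
```

Example: `build_scan_cmd dmz internal 10.0.0.0/24 20120910 192.0.2.10` prints the nmap command line with the standardized -oA name and the scanner's own IP excluded.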