Solved

PC configuration, preparations & precautions when running nmap pen test

Posted on 2016-07-21
Last Modified: 2016-07-28
If I'm running a pen test using nmap via public Internet to 12 IPs at a time

a) what's the PC configuration recommended?  
    64bit CPU ?  Is Thinkpad X201 good enough?
    How much RAM?
    Good to have SSD for faster scan?

b) For nmap Ver 7.25, can Win XP  SP3  or  Windows 7 Professional (32 or 64bit)
     be used?

c) do we need to pre-install with WinPcap & MS C++ before installing nmap?
    which of the two to install 1st?

d) do we need to disable AV (I have McAfee), antimalware ( the other PC on
      Malwarebytes) , "data loss prevention" (Code Green) & Windows Firewall
      to stop any possible 'blocks' by these tools?

e) if we were to stop any AV or antimalware indicated in item d above, is
     there a risk of the laptop getting infected during the scan & possibly
     this infection move on to the target IPs being scanned?  If so, do we
     still leave the AV/AM alone (ie running) on the laptop?   Is it crucial
     that the Windows laptop is patched to the latest in case it gets
     attacked during the scan or I just have to take precaution not to
     browse any website nor run any other software (other than the
     scanner) during the scan & I should be quite safe even without
     up-to-date patches on the laptop?

f) attached is a list of scripts that come with the nmap 7.25 installer.
    Are they complete & up-to-date so much so that I could run
    "--script all" (& certainly with -T4 so as not to affect production service)?
nmscr.txt
Question by:sunhux
2 Comments
 

Author Comment

by:sunhux
ID: 41723226
One more thing: I guess the laptop must not go into standby/hibernate during
the scan.  So should not use 'power-saving' mode?

Should the laptop connect to the fibre broadband router (supposedly
1Gbps fibre but in some tests, I've seen download speed is only
50-62Mbits/sec & upload speed of about 23-25 Mbits/sec : I guess
upload is the crucial one as nmap sends traffic out, right?) by a cable
or Wifi is good enough & won't get disconnected?

Accepted Solution

by:
jessbruffett earned 500 total points
ID: 41724013
A)      NO!!!!!! That machine is old and not nearly powerful enough to run a legitimate pen test with. You want a quad-core w/ hyperthreading, so an i7 or better, even a Xeon-based system or the AMD equivalent. Also you will want 16 GB RAM at a minimum. Yes, SSD is better.
B)      Neither! Use Linux, BSD or OSX, but you could run them on a virtual machine on Windows 7. I use a MacBook Pro and run all my pen test software either natively on OSX or in a VM. I can't imagine running a legit pen test in a Windows environment.
C)      Addressed with my above answer.
D)      Again you shouldn’t be using Windows, leave your firewall and safety measures on and run them from a VM.
E)      Answered above.

Nmap is not the end all pen testing tool, it’s only the tip of the iceberg for a test. You can’t use it to actually exploit anything and verify that a vulnerability is a legit vulnerability. Even the best vulnerability scanners produce false positives and need to be manually checked. My honest advice is if this pen test is mission critical, for insurance or compliance reasons seek an outside company that specializes in pen testing, cyber security, information assurance, etc.