Network scan tool/appliance horror stories

Bacon Zombie baconzombie at
Mon Oct 29 19:40:50 UTC 2012

It all depends on what tools they are using and how you have your system

Both NMAP and Nessus can check system\service to see if common accounts
have default or non password at all.
This can cause these accounts to be locked out.

There are other "exploits" that can cause systems\services to be DOS'd but
these normally have to be enabled.

Best to get a statement of works from them which should list all the tools
including options they will be using.

They also should be able to hand over a raw dump of ALL commands run during
the testing.

On 29 October 2012 19:25, Justin M. Streiner <streiner at>wrote:

> On Mon, 29 Oct 2012, Pedersen, Sean wrote:
>  We're evaluating several tools at the moment, and one vendor wants to
>> dynamically scan our network to pick up hosts - SNMP, port-scans, WMI, the
>> works. I was curious if anyone had any particularly gruesome horror stories
>> of scanning tools run amok.
> If you have any overloaded/under-powered network gear, such as stateful
> firewalls and routers that do lots of NAT, you might find them very
> quickly, depending on how aggressive the scanning tool is.  There might
> also be devices out there that, while possibly lightly loaded, can reach
> some minimally documented resource threshold under a very aggressive scan,
> and subsequently tip over.
> Also, if you're doing IPv6, the performance metrics for many network
> devices can be a bit more of a moving target.
> jms



LOAD "*",8,1

More information about the NANOG mailing list