Thank
you for the response.
We are
considering NMAP. But, ISS is our official product, we wanted to see
if ISS would function similar to NMAP (not a full blown scan). In that it
would not impact the scanning devices and yet distinguish the device
types. I believe I misused the word stealth. What I really want is
not to impact system resources and still discover unknown devices and type of
devices.
Thanks,
Marc
-----Original Message-----
Sent: Tuesday, February 04, 2003 9:57 AM
Subject: RE: [ISSForum] ISS - Stealth - IP SweepWhy would you need it to be "stealth" to find machines on the network? IS performs ICMP echo request as the basic discovery tool.You can tailor a policy or use the inventory policy that comes with IS and look for services that are turned on to help determine what device it is that is responding.Perhaps using NMAP and building a host table would better suit your needs.regards,
Mark-----Original Message-----
From: Gonzalez, Jesus M [mailto:[EMAIL PROTECTED]]
Sent: Monday, February 03, 2003 4:06 PM
To: '[EMAIL PROTECTED]'
Subject: [ISSForum] ISS - Stealth - IP SweepCan ISS run a stealth IP sweep to find the items mentioned below. If so, how is it done? ( I'm not referring to the stealth port scan in the vulnerability db)
I need to determine what devices (IP's) are on the network before scanning them. Can ISS do this?
1. If so, how and what information is echoed back to the scanning machine?
2. If so, is it possible to distinguish the responding devices to be firewalls, routers, or switches?Thank you,
Marc
