I have a client that needs to deploy security patches for Apache but are not 100% sure of which host houses the instance or the ports used either.
My question is how can I identify 100% of the instances effectively and reasonably quietly without scanning nearly all of the ports on all the hosts? I thought of pulling the ports enabled from the host based firewall solution and scanning these with nmap. But a port could be blocked through the firewall and an instance still listening locally although not remotely accessible providing the FW is running. These do exist for tools run locally and I've seen the FW fail too so want to ensure coverage for these also. I like the idea of using Nessus (which I have) to perform a credentialed local scan of the ports listening on the server but I think this needs SMB and Admin shares enabled which I don't have. Is there another way to do this? Grateful for any ideas. Regards, K41zen _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
