Nmap uses more than ICMP ping requests to determine the hosts on a network http://nmap.org/book/man-host-discovery.html. Also, you may use your tool of choice *without* using a network discovery method; for example scanning for NETBIOS, SMB, web, etc. or arbitrarily portscanning every single address. If you are just trying to conduct an assessment; DNS records, host files, or similar means should be a way for you to assess the entire system. Do you have an accurate and complete inventory? I would only use an arbitrary scanning method (again no pings, arp, etc.) if I am validating an inventory or looking for rogue devices. It can take a very long time to scan 65K+ ports even on a half dozen IP addresses let alone an entire Class C - but you may have to do that for rogue device detection to catch an attempted hidden listening high number port.
On Tue, Feb 15, 2011 at 12:51 AM, Subba Rao <[email protected]> wrote: > I have a few questions on Vulnerability assessment. > > How can network assets in an Enterprise network be discovered if the > ICMP is turned off on the network? > > Does NMap depend on the ICMP protocol for mapping the network assets? > > How do the commercial vulnerability scanners discover the assets? > > Thank you in advance. > > Subba Rao > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com > _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
