Slashdot Mirror


Kinder, Gentler Security Scans?

klausner asks: "I'm working at a large company that is trying to be more thorough about things like network security scanning. When Security told Operations they were planning to do this, there were immediate screams of anguish, and insistence that scans could only be done in the maintenance window, only with prior notice, and with a bunch of other restrictions. Needless to say, this is less than ideal. Given the size of the network, it would take weeks to do a single scan set. However, it is reasonable to take steps to ensure that the scans do not interrupt business traffic, or cause undesirable side effects like crashing target systems. What sort of limits are the readers out there using to ensure safe scanning? Limiting the bandwidth to a fixed percentage? Limiting the number of simultaneous tests? What other kinds of things can I do to limit the scans' effect on network performance?"

2 of 54 comments

  1. Restrictions by lightspawn · · Score: 4, Funny

    When Security told Operations they were planning to do this, there were immediate screams of anguish, and insistence that scans could only be done in the maintenance window, only with prior notice, and with a bunch of other restrictions.

    Just make sure Operations let the crackers know about these restrictions as well, and you'll be fine.

  2. Memo: by Anonymous Coward · · Score: 3, Funny
    From: Jack Cracker
    To: Network Operations

    In accordance with your policy on security-related network traffic, please be advised that I will attempt to DDOS the web server located at IP XXX.XXX.XXX.XXX and compromise the database server located at IP XXX.XXX.XXX.XXX, starting shortly after the start of the maintenance window at 8:00 UTC. If all goes successfully, the database will be corrupted by 9:00 UTC and the DDOS will cease shortly thereafter. All due efforts will be taken to minimize effects on connectivity for other network users, and network traffic for this security breach will be limited to the two above-mentioned IP addresses.

    I apologize for any inconvenience this may cause you, but it is necessary to "ownerz" your system.

    Thank You,
    Jack Cracker
    Vice Prezident of Black Hats

    P.S. I would appreciate it if you would facilitate my exploit by reverting to an unpatched version of IIS on the database server.