RT if you're a pen tester who has been told by a client that nmap scans on their public-facing systems posed unacceptable operational risk. Quote-tweet to tell a story of how a free tool scan actually did knock down a production server, whether you were blue team or red team
pic.twitter.com/jzXCm8bDay
Replying to @k8em0
Can someone elaborate on what config would create a situation where nmap really would break something? That seems... like it would require the production server to be really pathological. So much so, I'd wonder how it was still up...
8 replies 1 retweet 12 likes
Replying to @mdavidallen @k8em0
On FreeBSD, an nmap scan causes accept(2) to return `0` without filling the client address structure. I saw server crashes due to this.
11:22 AM - 3 Feb 2018
from Saint-Mandé, France
0 replies
0 retweets
2 likes
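The failure mode reported in the reply above (accept(2) succeeding while the client address structure is left unfilled), handled defensively in a server's accept path. This is an added example, not code from the thread; the helper names `peer_to_string` and `accept_checked` are hypothetical.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>

/* Format a peer address only if accept() really filled it in.
 * Returns 0 on success, -1 if the address is empty, truncated or of an
 * unexpected family, so the caller can log "unknown" instead of
 * dereferencing garbage. */
int peer_to_string(const struct sockaddr_storage *ss, socklen_t len,
                   char *out, size_t outlen)
{
    char ip[INET6_ADDRSTRLEN];

    if (len >= sizeof(struct sockaddr_in) && ss->ss_family == AF_INET) {
        const struct sockaddr_in *in4 = (const struct sockaddr_in *)ss;
        if (!inet_ntop(AF_INET, &in4->sin_addr, ip, sizeof ip))
            return -1;
        snprintf(out, outlen, "%s:%u", ip, (unsigned)ntohs(in4->sin_port));
        return 0;
    }
    if (len >= sizeof(struct sockaddr_in6) && ss->ss_family == AF_INET6) {
        const struct sockaddr_in6 *in6 = (const struct sockaddr_in6 *)ss;
        if (!inet_ntop(AF_INET6, &in6->sin6_addr, ip, sizeof ip))
            return -1;
        snprintf(out, outlen, "[%s]:%u", ip, (unsigned)ntohs(in6->sin6_port));
        return 0;
    }
    return -1; /* len == 0, short length, or AF_UNSPEC: nothing usable */
}

/* accept() wrapper: zero the storage first so an unfilled address is
 * detectable (family 0) rather than leftover stack contents. */
int accept_checked(int lfd, char *peer, size_t peerlen)
{
    struct sockaddr_storage ss;
    socklen_t len = sizeof ss;

    memset(&ss, 0, sizeof ss);
    int fd = accept(lfd, (struct sockaddr *)&ss, &len);
    if (fd < 0)
        return -1; /* e.g. ECONNABORTED: caller keeps serving */
    if (peer_to_string(&ss, len, peer, peerlen) != 0)
        snprintf(peer, peerlen, "unknown");
    return fd;
}
```

The connection is still returned to the caller when the peer is unknown, so address-based logging or access control has to treat "unknown" as its own case.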