Large network scan on machines that I don't have passwords for
I may have an unusual question that someone may be able to help with or at least have a fun discussion around. I work at a University and we are currently decentralized IT for the most part, but Central IT takes care of the large services, email, network, AD/SCCM for departments that want to use it. Within the last year we started using PDQ to Inventory all the machines that are attached to AD and using Deploy to auto-update 3rd party apps to those we can connect to. All is great.
My question/discussion is around the security team (my group) would like to scan most of our entire network with PDQi, avoiding our open wireless, data center, and virtual machines, which shouldn't be too hard using IP ranges. We would like to do this to get a better feel for all that is on out network that departments aren't telling us about. I'm pretty sure if we don't have creds PDQi can still collect things like machine name, OS, Version, IP address. This would be very helpful for us.
So some of the questions:
Should we spin up another instance to scan the network? I am thinking maybe so... there will be a ton of garbage mixed in with our nice /fairly clean setup, it may slow things down in our current system, I don't want things to scan with or lock up creds that won't work on the potential 1000's of systems we may be scanning. or am I just worrying too much and it will be fine to do in our current setup?
Looks like you have to input creds to setup a network scan, I know I will not have creds for machines it hits, are there any problems if I just just use admin/password for the scan creds knowing that they wont work?
Are there any other problems I might hit or any other suggestions someone might have thinking this through would be a great help!
Thanks for reading my wall of text.
Comments