AutomAteD VulnerAbility ScAnnerS 131
departments. e usual expectation with CASE teams is that your
automated scanner is nondisruptive—you can set it o merrily scan-
ning the entire internal network with no side eects. I am personally
aware of seemingly random Cisco devices crashing just with default
TCP port scanning. ese were devices with plenty of memory, and
the problem cannot be narrowed down to specic devices and models.
Also, if there are servers that are especially old, with legacy software,
they may well be susceptible to crashes when subject to autoscanning.
Around 2006, an analyst in Malaysia kicked o an internal scan
in HELL’s Prague data center without any warning. e estimated
damage of the unintentional denial of ser