
The Perfect Scan

Subject: The Perfect Scan
Date: Mon, 30 May 2005 15:12:32 -0400
Hello Everyone,

My boss has just tasked me with completing some vulnerability scans of some
Windows and UNIX based networks.   Each network contains no more than 30
nodes (PCs).

What I'm hoping is you guys can help me find the right settings to complete
the scan.

Here are some of the characteristics I would like to see in my scan:

       1)      Speed - the faster the scan is complete, the better.  Right now it is responding slow during TCP scans.
       2)      Accuracy - the scan must be accurate and report all vulnerabilities (fewer false positives)
       3)      Gentle - the scan cannot crash the nodes

Here are my settings so far:

PLUGINS

       -       Enable all but dangerous (of course...)

SCAN OPTIONS

Number of hosts to scan:  30 (at the most)
Number of checks to perform...:   40 (at the most)

Optimize the test is checked
Safe checks is on  (I don't want to crash the servers...)

PREFS

TCP Scanning Technique:
- SYN Scan
- UDP Scan
- Do not randomize...

Timing Policy:
- Auto

Port Scanners
- Exclude top level domains is checked
- Nessus TCP scan
- Nmap (NASL Wrapper)

I am looking for any recommendations on how to better my scan based on the
characteristics listed above.

A few questions I have about my settings are:

Is a UDP scan required?
Should I be scanning RCP services?
My port scans are very slow.  What is the fastest way to footprint the
system?

Thanks!!
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
