Re: The Perfect Scan

Subject: Re: The Perfect Scan
Date: Mon, 30 May 2005 22:36:37 +0200
On Mon May 30 2005 at 21:33, Steve Smith [Temp Email] wrote:

> 1) Speed - the faster the scan is complete, the better. Right now it
> is responding slow during TCP scans.

Even nessus_tcp_scanner?

> 2) Accuracy - the scan must be accurate and report all
> vulnerabilities (less false positives)

If you find problems, send them to us.

> 3) Gentle - the scan can not crash the nodes

That's nearly impossible, you'll always find a crappy program that gets
mad when a port scanner is run. I'd rather say "the scan should not
try to crash nodes".

> - Enable all but dangerous (of course...)

Useless, it is redundant with safe_checks.
Enable all plugins.

> Number of hosts to scan:  30 (at the most)

OK.

> Number of checks to perform...:   40 (at the most)

Wrong. This is the number of checks per host. Use something like 2 or
3 if you want gentle scans.

> Optimize the test is checked

Right, that's quicker.

> Safe checks is on  (I don't want to crash the servers...)

OK

> - UDP Scan

UDP scan is veryyyyyy slow against Linux, BSD.... And intrusive
against some gizmos. So it is disabled in "safe checks" unless you
click on the option "shoot me in the foot".
...
Sorry, I think the exact name of this option is: "Run dangerous port
scans even if safe checks are set" :)

> - Nessus TCP scan
> - Nmap (NASL Wrapper)

Remove Nmap unless you need specific features. You don't need two TCP
scanners.
You can enable snmpwalk and netstat if you think that they have a
chance to catch something. They are rather quick.

> Is a UDP scan required?

Probably not. And it can be very slow against some OS.

> Should I be scanning RCP services?

Probably not.
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
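
An added example, not part of the original message or of Nessus itself: a small Python check of scan settings against the advice in the reply above, including the worst-case load that follows from `max_checks` being a per-host value. It assumes the settings live in a `key = value` file using the Nessus 2.x `nessusd.conf` names `max_hosts`, `max_checks`, `safe_checks` and `optimize_test`; the sample file and all function names are constructed for illustration.

```python
# Constructed sample mirroring the settings proposed in the question.
# Key names are assumed to match Nessus 2.x nessusd.conf.
SAMPLE_CONF = """\
# scan tuning
max_hosts = 30
max_checks = 40
optimize_test = yes
safe_checks = yes
"""

def parse_conf(text):
    """Parse 'key = value' lines, ignoring blank lines and # comments."""
    settings = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if "=" in line:
            key, value = line.split("=", 1)
            settings[key.strip()] = value.strip()
    return settings

def peak_concurrency(settings):
    """max_checks applies per host, so the worst case is hosts * checks.
    Returns None when either value is missing or not an integer."""
    try:
        return int(settings["max_hosts"]) * int(settings["max_checks"])
    except (KeyError, ValueError):
        return None

def lint(settings, gentle_max_checks=3):
    """Return (key, message) findings where settings depart from the reply's advice."""
    findings = []
    try:
        checks = int(settings["max_checks"])
        if checks > gentle_max_checks:
            findings.append(("max_checks",
                f"{checks} checks per host; the reply suggests 2 or 3 for gentle scans"))
    except (KeyError, ValueError):
        findings.append(("max_checks", "missing or not an integer"))
    if settings.get("safe_checks", "").lower() != "yes":
        findings.append(("safe_checks", "not enabled; intrusive checks may run"))
    if settings.get("optimize_test", "").lower() != "yes":
        findings.append(("optimize_test", "not enabled; the scan will be slower"))
    return findings

if __name__ == "__main__":
    conf = parse_conf(SAMPLE_CONF)
    print("peak concurrent checks:", peak_concurrency(conf))
    for key, message in lint(conf):
        print(f"{key}: {message}")
```

With the values from the question, 30 hosts at 40 checks each allows up to 1200 checks in flight at once; at 3 checks per host the ceiling drops to 90.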