Andy,
Comparing nmap to nessus ain't apples-to-apples. Nessus is a whole lot
busier behind the scenes than nmap is.
The answer to your question depends on the robustness of your network,
the horsepower of the machines your scanning, and myriad other factors.
Try tuning down Nessus' aggressiveness. The default for simultaneous
hosts and simultaneous checks per host is 30 and 10, respectively (I
think). That's 300 plugins on the dance floor at the same time. Try
friendlier values like 10 and 4 (40 simultaneous processes). If that
doesn't work, back it off to something smaller still.
There are many other things you can tune, too... check the
documentation. Keep in mind that the settings you specify in your
nessusd.conf file will be overridden by your .nessusrc file. If in
doubt, create a client config file you like and then force the client to
use it with the -c or --config-file switches. (Ignore my last two
sentences if you're using one of the GUI clients. You can set these
parameters somewhere in the GUI.)
John Scherff
________________________________
From: nessus-bounces@list.nessus.org
[mailto:nessus-bounces@list.nessus.org] On Behalf Of andrewwhite
Sent: Wednesday, September 21, 2005 2:27 PM
To: nessus@list.nessus.org
Subject: Scanning multiple IP's provides weak results
I am scanning multiple IP's in the Nessus target range.
For example 10.10.10.10/27 it will scan and come back with hardly any
information on open ports which I know are open not even the ftp ports
that are open. However if I type a single IP into the target box and
scan, it will come back with the correct results.
What am I doing wrong here? Is it not good to scan many
IP's, nmap from command line has no problem.
Thanks for you time
Andy
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
