Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Nessus-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Effective Location For The Scan

from [Michel Arboi] Network Security [Permanent Link]
Subject: Re: Effective Location For The Scan
Date: Thu, 20 Apr 2006 19:32:48 +0200 
On Thu Apr 20 2006 at 19:05, -soundlux- wrote:


My research indicated that the threat was greatest from insiders, so
my suggested approach was to require that the scans be ran from inside
the network ( specifically behind the firewall.) 


You are right, IMHO, for several reasons.


Other will argue that the scans should be ran from outside the
firewall since the threats are mainly external.  


That's useless.


A department that took the last approach (running the scans from
outside the firewall), reported the Nessus scan results with No
vulnerabilities. 


Not very surprising.


My Question is, if the scans are run from ouside the network, should
the firewall (and other security appliances) be configured in a
particular way as not to distort the scans.


You can, but I think it is not worth the trouble.
If you want to only address external threats, you should scan the
public machines from inside.

_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Effective Location For The Scan, -soundlux-
Next by Date:  Re: Effective Location For The Scan, Todd Adamson
Previous by Thread:  Effective Location For The Scan, -soundlux-
Next by Thread:  Re: Effective Location For The Scan, Todd Adamson
Indexes:  [Date] [Thread] [Top] [All Lists]