Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Nessus-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Nessus 3.0 performance / optimization

from [Ron Gula] Network Security [Permanent Link]
Subject: Re: Nessus 3.0 performance / optimization
Date: Thu, 20 Jul 2006 18:01:33 -0400
At 04:04 PM 7/20/2006, r p wrote:
What configuration changes or switches are worth making to scan multiple public Class C addresses ?

I have not been able to locate specific documentation that states what settings seem to yield the fastest results. For example with Nmap they recommended using -T4/-T4 and configuring a maximum RTT. What can we tune within Nessus?

With NEssus we want to get accurate results for the mult. class C's and have the highest performance. Is there anything we can tune on the machine or nessus to get optimal results?
The Laptop is an IBM T42 with 512MB ran on Fedora Core 5 fully patches with Nessus fully updated.

If you are aware of any articles , guides or can recommend any setting to gain performance please let me know by replying to this thread.

Thanks. 


It depends on what these systems are and what you are scanning for.
If you have more specific questions, please post. Here are some
random comments though:

If you are trying to optimize the port scan, you should use TCP ping
and attempt to select a smaller set of ports to scan for.

If you are trying to optimize the actual running of the NASL checks
you should consider investigating which plugins are being slow for
you. You might have just one plugin taking some time on one host
which could slow the entire scan down.

If you want the most accurate results and highest performance, I
think that credentialed scans would be the best course of action.
Conducting a port scan and running the NASLs is a much more complex
process than doing a patch audit.

You should also consider watching the Nessus log file and seeing
if any plugins are taking a long time.

Lastly, you can play with various combinations of max hosts per
scan and max checks per host. Depending on the number of open
ports, the speed of your scanned servers and such you might get
an increase in throughput by changing these values.

Ron Gula, CTO
Tenable Network Security





_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus

[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Nessus 3.0 performance / optimization, r p
Next by Date:  Re: segmenation fault erases nessus config file, George A. Theall
Previous by Thread:  Nessus 3.0 performance / optimization, r p
Next by Thread:  Nessus crash: "Empty data string -- closing comm. channel", Melkiades
Indexes:  [Date] [Thread] [Top] [All Lists]