Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Nessus-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

one client, multiple scanners - nightly automatic scans

from [Tony] Network Security [Permanent Link]
Subject: one client, multiple scanners - nightly automatic scans
Date: Wed, 25 Oct 2006 13:36:25 -0600 
Looking into some options here and thought i'd send out to the list.  Im new
to network auditing was told to get nessus working - it works, just looking
for a possible better option.  Or some input on how my current multiple
simultaneous scans model works.

 

What im trying to do is automate nightly scans, gathering targets from a
database sending that output to a target file and have nesses be run on each
of the targets file.

 

Simple enough, except its ran one at a time (target1, target2, etc).  What
im also trying to accomplish is that these scans be kicked off from a client
system deciding what scanner to use.  Problem goes back to only being able
to start one scan at any given time.  On a very large network, such as the
one im in charge of auditing this can be very time consuming - trying to
balance the load with one central point (or more depending on load) handling
all the post processing / reporting and letting the scanners do their own
thing.

 

what im currently doing, and I would hope there is a better option is the
following.

  1. Gather targets from database send to a target file

  2. Bash script that goes over each target file and kicks off a custom perl
script that determines the scanner to use, initiates the scan, and post
processes the results (generating alarms, updating a database, and a few
other items).

This model seems to work well but seems like a hack job to me, thought there
might be a better way to go about this instead of running 10 or so scans as
background process on the client machine (ex, foreach target - "nessus
nessus -q -x -T nbe scanner port username password target scan_out &").

 

My current model includes three scanners and one client system (linux
systems FC4).  I will be expanding this to quite a few more scanners to
break out the load across the network.

 

Is anyone else doing anything similar?  How did you go about it, other then
having each scanner system doing its own scans via cron jobs.


_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: "HNAdapter" Problem?, George A. Theall
Next by Date:  Re: one client, multiple scanners - nightly automatic scans, Jason Ledford
Previous by Thread:  Nikto and Nessus integration, julian beling
Next by Thread:  Re: one client, multiple scanners - nightly automatic scans, Jason Ledford
Indexes:  [Date] [Thread] [Top] [All Lists]