Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Nessus-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: one client, multiple scanners - nightly automatic scans

from [Jason Ledford] Network Security [Permanent Link]
Subject: Re: one client, multiple scanners - nightly automatic scans
Date: Wed, 25 Oct 2006 15:45:23 -0400 
obsiously tanable makes commercial products that can take care of this.
There is also another option, http://inprotect.sourceforge.net/ that also
works with mutiple scanners.

On 10/25/06, Tony <x0SiN0x@comcast.net> wrote: 

 Looking into some options here and thought i'd send out to the list.  Im
new to network auditing was told to get nessus working - it works, just
looking for a possible better option.  Or some input on how my current
multiple simultaneous scans model works.



What im trying to do is automate nightly scans, gathering targets from a
database sending that output to a target file and have nesses be run on each
of the targets file.



Simple enough, except its ran one at a time (target1, target2, etc).  What
im also trying to accomplish is that these scans be kicked off from a client
system deciding what scanner to use.  Problem goes back to only being able
to start one scan at any given time.  On a very large network, such as the
one im in charge of auditing this can be very time consuming - trying to
balance the load with one central point (or more depending on load) handling
all the post processing / reporting and letting the scanners do their own
thing.



what im currently doing, and I would hope there is a better option is the
following.

  1. Gather targets from database send to a target file

  2. Bash script that goes over each target file and kicks off a custom
perl script that determines the scanner to use, initiates the scan, and post
processes the results (generating alarms, updating a database, and a few
other items).

This model seems to work well but seems like a hack job to me, thought
there might be a better way to go about this instead of running 10 or so
scans as background process on the client machine (ex, foreach target -
"nessus nessus -q -x -T nbe scanner port username password target scan_out
&").



My current model includes three scanners and one client system (linux
systems FC4).  I will be expanding this to quite a few more scanners to
break out the load across the network.



Is anyone else doing anything similar?  How did you go about it, other
then having each scanner system doing its own scans via cron jobs.

_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus


_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  one client, multiple scanners - nightly automatic scans, Tony
Next by Date:  Re: "HNAdapter" Problem?, rolf tester
Previous by Thread:  one client, multiple scanners - nightly automatic scans, Tony
Next by Thread:  RE: one client, multiple scanners - nightly automatic scans, Doty, Timothy T.
Indexes:  [Date] [Thread] [Top] [All Lists]