Hi Ondrej,
Several comments and ideas --
You mention you are running Nessus on Windows XP. I'm curious if you
could share how you scheduled your continuous scans. I'm wondering if
you are experiencing overlap between your continuous scans.
With Windows XP, the performance of scans is not as good as Windows
servers (like 2003). If you can upgrade to 2003 or Linux, you should get
better performance. More memory may help, but the Windows XP OS is
limiting you some.
Perhaps you could lower the sampling of your continuous scans? Maybe add
an hour wait state between scans?
Perhaps your check per hosts or hosts to scan at the same time could be
tweaked. When playing with these variables, I like to maximize checks
per host but put hosts per scan at like 1 or 2. This lets me see how
hard the Nessus scanner works scanning one host.
The delay between logging into Nessus and starting the scan of 1 minute
(especially during another scan) is expected.
You are correct in your understanding of the 'optimize_test' setting.
You should also enable 'safe_checks' as well:
http://blog.tenablesecurity.com/2006/09/understanding_t.html
I'm not sure what your organization's goals of a continuous scan are. If
you want to discover new hosts, you don't need a full vulnerability scan
for this. Other ideas you might look into:
- The 'optimizing Nessus scan speed' blog entry
http://blog.tenablesecurity.com/2007/01/optimizing_ente.html
- You may also want to consider passive products like our Passive
Vulnerability Scanner that monitor network traffic.
Ron Gula, CTO
Tenable Network Security
http://www.tenablesecurity.com
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
