Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Nessus-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: scanning multiple hosts

from [Mike . Vasquez] Network Security [Permanent Link]
Subject: Re: scanning multiple hosts
Date: Wed, 12 Dec 2007 14:55:30 -0700 
I've seen a single scanner, scanning 2 devices, drop packets, due to 
scanning through load balancers, etc.  Nessus can generate a *lot* of 
traffic.  Do your scan, then do a host at a time, and compare results, for 
a decent benchmark of the accuracy of your current method.  Different 
network topologies would require testing like this again -- and I'd only 
consider it a "decent" comparison, and not 100%. 





James Birk <jbirk@birksystems.com> 
Sent by: nessus-bounces@list.nessus.org
12/12/2007 01:30 PM

To
"darko g" <d.gavrilovic@gmail.com>
cc
nessus@list.nessus.org
Subject
Re: scanning multiple hosts







Is this really the case?  One machine as a scanner and a client cannot 
scan more than one host simultaneously without missing pretty big 
deals like open ports?

I'm running a single core duo with 4 gigs of RAM and FreeBSD 6.*, and 
the latest version of the server and client.  I routinely scan up to 4 
hosts simultaneously....am I trusting something to work that actually 
isn't?


On Dec 12, 2007, at 3:26 PM, darko g wrote:


Whats your setup? Just one machine as a scanner & client? not gonna
cut it. you need to distribute it.


On Dec 12, 2007 2:52 PM, Steve Templists <stemplists@gmail.com> wrote:

I've been a nessus user for years, but I have getting horrible 
results
recently when scanning more than one host at a time.

When scanning multiple hosts, the scanner will completely miss open 
ports,
or it will see the port as open during the port scan, but then 
report that
the port "was open but is now closed".  I have had this problem on 
numerous
installations recently, all using the latest rpm for suse 10 and 
the latest
nessus-client version.  The scans I am performing are using the 
default scan
policy, the default port range, and the default scan options.

If I scan one host at a time I get "more reliable" results. 
Although I'm
questioning any results I get.  And scanning a class C is very time
consuming when starting one host at a time.

Not sure if anyone else has had issues and/or has any ideas.

Oh, and my hardware is new too so I don't think its a processor/ 
memory
problem.

Thanks for any feedback.  I sure hope I'm missing something easy.
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus





-- 
cheers,
dg
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus


_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus

GIF image

_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: scanning multiple hosts, Ron Gula
Next by Date:  Web Front for Nessus, Yanyan Wang
Previous by Thread:  Re: scanning multiple hosts, James Birk
Next by Thread:  Re: scanning multiple hosts, Ron Gula
Indexes:  [Date] [Thread] [Top] [All Lists]