Nessus Network Auditing
Learn about this open-source vulnerability scanner, how to get the most out of the tool, recognize its limitations and how to deal with them, and what makes it flexible to perform a wide range of network-based operations.
TABLE OF CONTENTS Nessus Network Auditing
Common Problems
Several problems might arise while you are using the Nessus daemon to scan your network. These problems are not necessarily related to bandwidth or a vulnerability, but rather to a product vendor s improper handling of abnormal and unexpected traffic being directed at their product.
In this section, we divide the problems that might surface when scanning your network with Nessus into the following categories: aggressive scanning, volatile applications, and printer carnage. Toward the end of this section, we also describe another shortcoming that might show up when running Nessus against your enterprise s workstations. These workstations might be turned off during some part of the scan or change their IPs due to a restart, and the results pertaining to these workstations need to be addressed differently.
Aggressive Scanning
The type of portscan performed on your network has an effect on the stability of numerous types of hardware and software. We need to remember that while the main goal of the portscan phase is to detect open ports, it needs to do so while making sure that the software and hardware being scanned will survive the portscan, so that we can detect vulnerabilities in that software/hardware and do not needlessly reduce their uptime.
The Nessus daemon uses Nmap for its portscanning back engine, and as such, it supports all of Nmap s portscanning techniques, including TCP connect(), SYN, FIN, Xmas Tree, SYN FIN, FIN SYN, and NULL. Each scan type has a different effect on the software and hardware being scanned.
Copyright Syngress Publishing, Inc. 2004 under license agreement with Books24x7
