Firewall Wizards mailing list archives
RE: commercial va
From: "Darden, Patrick S." <darden () armc org>
Date: Thu, 17 Apr 2003 10:27:58 -0400
Cisco Routers and Switches were DOSed, even in safe mode, due to a problem in NMAP's OS guesser (which nessus used to use by default, and still will use if it is installed). I think this is fixed now, but it was a real mess at the time. Additionally, if you test DOS vulnerabilities, which used to be by default on, and which inexperienced users would probably click "on", you open up an unholy can of worms. --Patrick Darden
Behm, Jeffrey L. Do you have any specifics on what got "freaked out?" by nessus?
Ben Nagy: Network infrastructure, particularly (in my case) switches with spanning tree enabled. I still feel the pain. This was a while ago, yada yada, but AFAIK it's still a fairly widely held belief. Most people recommend that you avoid routing your nessus scans around a lot, or scanning your infrastructure (routers, switches, firewalls) devices too heavily. _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: commercial va, (continued)
- Re: commercial va Mark Gumennik (Apr 16)
- Re: commercial va Anton Chuvakin (Apr 17)
- Re: commercial va Mark Gumennik (Apr 17)
- Re: commercial va Mark Gumennik (Apr 16)
- Re: commercial va Andy Cuff [Talisker] (Apr 16)
- Re: commercial va Gary Flynn (Apr 16)
- Re: commercial va Mark Teicher (Apr 17)
- Re: commercial va Mark Gumennik (Apr 16)
- RE: commercial va Behm, Jeffrey L. (Apr 16)
- RE: commercial va Ben Nagy (Apr 17)
- RE: commercial va Kalat, Andrew (ISS Atlanta) (Apr 16)
- RE: commercial va Darden, Patrick S. (Apr 17)