Penetration Testing mailing list archives
Re: linux tuning for nmap/nessus
From: Miguel Dilaj <miguel.dilaj () oissg org>
Date: Tue, 21 Mar 2006 18:53:08 +0000
Hi offset, Take a look at this: http://www-128.ibm.com/developerworks/eserver/library/es-033104.htmlAnd also learn to use the command vmstat, that will tell you a lot in regards to other potential issues, like CPU speed, amount of RAM, disk transfer speed, etc.
Use at least nmap-4.01, ideally manually apply the patch to avoid a potential infinite loop that was posted to nmap-dev (or nmap-hackers).
Don't abuse anything above -T3Nessus IS a heavyweight, ensure you've a FAST machine with plenty of RAM for it.
Cheers, Miguel Dilaj Vice-President of IT Security Research, OISSG www.oissg.org offset wrote:
Greetings, Does anyone have any recommendations regarding kernel/tcp tuning for high volume nmap/nessus type scans? linux kernel 2.6.9.34.EL I'm concerned about the machine freezing during an extended network scan due to resource constraints on linux. The bulk of the nmap scans will be sT and sS. -off ------------------------------------------------------------------------------ This List Sponsored by: CenzicConcerned about Web Application Security? As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/forms/ec.php?pubid=10025 And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request () cenzic com------------------------------------------------------------------------------
------------------------------------------------------------------------------ This List Sponsored by: CenzicConcerned about Web Application Security? As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/forms/ec.php?pubid=10025 And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request () cenzic com
------------------------------------------------------------------------------
Current thread:
- linux tuning for nmap/nessus offset (Mar 20)
- Re: linux tuning for nmap/nessus David M. Zendzian (Mar 21)
- Re: linux tuning for nmap/nessus offset (Mar 21)
- Re: linux tuning for nmap/nessus Miguel Dilaj (Mar 21)
- Re: linux tuning for nmap/nessus Renaud Deraison (Mar 22)
- RE: linux tuning for nmap/nessus Tate Hansen (Mar 22)
- Re: linux tuning for nmap/nessus David M. Zendzian (Mar 21)