Penetration Testing mailing list archives
RE: linux tuning for nmap/nessus
From: "Tate Hansen" <tate () clearnetsec com>
Date: Wed, 22 Mar 2006 13:57:00 -0700
My guess is tuning any kernel parameters will have a small impact on the overall performance of nmap or nessus. FYI: I posted some nmap performance issues last November regarding multiple 8-way opteron/16Gig systems (Fyodor has since improved nmap though, so performance is likely much better). http://seclists.org/lists/pen-test/2005/Nov/0152.html The main thing we tried to ensure was minimal interference to the tcp/ip stack (e.g. turning off IPTables to avoid the processing overhead with state tracking, etc.) It also helped a lot to watch 'iptraf' statistics and packets per second. Tate Hansen ClearNet Security -----Original Message----- From: offset [mailto:offset () svcroot net] Sent: Monday, March 20, 2006 2:44 PM To: pen-test () securityfocus com Subject: linux tuning for nmap/nessus Greetings, Does anyone have any recommendations regarding kernel/tcp tuning for high volume nmap/nessus type scans? linux kernel 2.6.9.34.EL I'm concerned about the machine freezing during an extended network scan due to resource constraints on linux. The bulk of the nmap scans will be sT and sS. -off ---------------------------------------------------------------------------- -- This List Sponsored by: Cenzic Concerned about Web Application Security? As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/forms/ec.php?pubid=10025 And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request () cenzic com ---------------------------------------------------------------------------- -- ------------------------------------------------------------------------------ This List Sponsored by: Cenzic Concerned about Web Application Security? As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/forms/ec.php?pubid=10025 And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request () cenzic com ------------------------------------------------------------------------------
Current thread:
- linux tuning for nmap/nessus offset (Mar 20)
- Re: linux tuning for nmap/nessus David M. Zendzian (Mar 21)
- Re: linux tuning for nmap/nessus offset (Mar 21)
- Re: linux tuning for nmap/nessus Miguel Dilaj (Mar 21)
- Re: linux tuning for nmap/nessus Renaud Deraison (Mar 22)
- RE: linux tuning for nmap/nessus Tate Hansen (Mar 22)
- Re: linux tuning for nmap/nessus David M. Zendzian (Mar 21)