Educause Security Discussion mailing list archives
Re: NESSUS
From: Kevin Shalla <kshalla () UIC EDU>
Date: Thu, 24 Feb 2005 10:48:22 -0600
Because of campus software we use, we cannot yet upgrade to SP2, so I don't know what is available in the Windows firewall setup. If we had our way, what would we choose? How about setting up a group security policy to allow scans from a particular IP address (the official campus scanning computer), and block all others? There are departments which won't want us to define group security policies, but I'm sure many would tolerate (or even embrace) it. At 09:46 AM 2/24/2005, Matthew Keller wrote:
On Thu, 2005-02-24 at 07:17 -0800, Peter Moody wrote: > For the folks who are using a solution like this, can you tell me how > Service Pack 2 has affected its usability? Common sense would say > that a host-based firewall turned on by default on 80% of my desktop > machines would make any significant purchases in desktop scanning sw/hw > a waste. Host-based firewalls do indeed get in the way of network-wide scanning. A _lot_ of users seem to turn the firewall off, however. As far as "cost" - Our cluster is made of old PIII desktops that would otherwise be fodder. The software is freely available, and the control application was fun to write, so the only "costs" are the spare data switch, and the stress on the network (for us).
********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/groups/.
Current thread:
- NESSUS Chad McDonald (Feb 24)
- <Possible follow-ups>
- Re: NESSUS Matthew Keller (Feb 24)
- Re: NESSUS Phillip G Deneault (Feb 24)
- Re: NESSUS Peter Moody (Feb 24)
- Re: NESSUS Matthew Keller (Feb 24)
- Re: NESSUS Josh Richard (Feb 24)
- Re: NESSUS Josh Richard (Feb 24)
- Re: NESSUS Kevin Shalla (Feb 24)
- Re: NESSUS Brian K. Dore' (Feb 24)