Educause Security Discussion mailing list archives
Re: NESSUS
From: "Brian K. Dore'" <bkd () LOUISIANA EDU>
Date: Thu, 24 Feb 2005 11:05:31 -0600
The XP SP2 (and 2003 SP1) firewalls are configurable by group policy and it's easy to set up port/ip exceptions for a particular machine/subnet. For unmanaged (student) machines with the firewall you still are going to want to look for open ports/exposed services (especially since things like sharing a folder will expose 135-139 and 445 to the local subnet.) And of course they can turn it off. If you are just trying to find out how many machines are out there, firewalled machines still respond to ARP requests. As far as cost/benefit, it depends what you are scanning for and what you expect to learn from it. Brian
For the folks who are using a solution like this, can you tell me how Service Pack 2 has affected its usability? Common sense would say that a host-based firewall turned on by default on 80% of my desktop machines would make any significant purchases in desktop scanning sw/hw a waste.
********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/groups/.
Current thread:
- NESSUS Chad McDonald (Feb 24)
- <Possible follow-ups>
- Re: NESSUS Matthew Keller (Feb 24)
- Re: NESSUS Phillip G Deneault (Feb 24)
- Re: NESSUS Peter Moody (Feb 24)
- Re: NESSUS Matthew Keller (Feb 24)
- Re: NESSUS Josh Richard (Feb 24)
- Re: NESSUS Josh Richard (Feb 24)
- Re: NESSUS Kevin Shalla (Feb 24)
- Re: NESSUS Brian K. Dore' (Feb 24)