Educause Security Discussion mailing list archives

Re: Security Related Questions


From: Valdis Kletnieks <Valdis.Kletnieks () VT EDU>
Date: Mon, 31 Mar 2008 09:31:41 -0400

On Mon, 31 Mar 2008 07:35:57 EDT, Daniel Bennett said:
I used Nessus here for a little while.  However, with the most in-depth scans
it was causing servers to go down randomly.  The servers would see the attacks
and shut down NIC, services, etc.

Installing a different scanner is the Wrong Answer, as it merely papers over
the problem instead of actually fixing it.  If your Nessus scan could fold up
your server, then an attacker can *also* DoS your server with a Nessus scan -
and you probably want to address that scenario, because "run Nessus with all
the bells and whistles and see if anybody notices" is a very common tactic in
the initial phases of an actual attack...
