Educause Security Discussion mailing list archives
[no subject]
From: Stephen J Smoogen <smooge () UNM EDU>
Date: Mon, 31 Mar 2008 17:12:19 -0600
Subject: Re: [SECURITY] Security Related Questions In-Reply-To: <15372.1206970301 () turing-police cc vt edu> Message-ID: <alpine.LRH.1.10.0803311707200.23798 () xanadu unm edu> References: <AD19F18F94C4824AB7D6BE0F7F44D4CF0585A1BAAD () VEX1 CUP EDU> <47EF96B3.8090600 () uni edu> <B48F725D5B7AAB4CAC5290ACE289EE292EE3969603 () exch-mbx1 pct edu> <15372.1206970301 () turing-police cc vt edu> User-Agent: Alpine 1.10 (LRH 962 2008-03-14) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed X-WatchGuard-IPS: message checked X-WatchGuard-Spam-ID: str=0001.0A010205.47F16FD4.000A,ss=1,fgs=0 X-WatchGuard-Spam-Score: 0, clean; 0, no virus X-WatchGuard-Mail-Client-IP: 64.106.76.41 X-WatchGuard-Mail-From: smooge () unm edu X-WatchGuard-Mail-Recipients: SECURITY () listserv educause edu On Mon, 31 Mar 2008, Valdis Kletnieks wrote:
On Mon, 31 Mar 2008 07:35:57 EDT, Daniel Bennett said:I used nessus here for a little while. However, with the most in-depth scans it was causing servers to go down randomly. The servers would see the attacks and shutdown NIC, services, etc.Installing a different scanner is the Wrong Answer, as it merely papers over the problem instead of actually fixing it. If your Nessus scan could fold up your server, then an attacker can *also* DoS your server with a Nessus scan - and you probably want to address that scenario, because "run Nessus with all the bells and whistles and see if anybody notices" is a very common tactic in the initial phases of an actual attack...
Followed by "Lets run Nessus on 40 computers against them".. followed by "Lets get all their printers to spew out blank pages with that Nessus plugin". Actually the worst of all things I ran into though was the well-intentioned scanning by some subgroup that accidently gets out of hand.. Make sure you know who has your .0.0 network if you have a /16 :). -- Stephen Smoogen -- ITS/Linux Administrator MSC02 1520 1 University of New Mexico Albuquerque, NM 87131-0001 Phone: (505) 277-8219 Email: smooge () unm edu How far that little candle throws his beams! So shines a good deed in a naughty world. = Shakespeare. "The Merchant of Venice"
Current thread:
- [no subject] Stephen J Smoogen (Mar 31)