Full Disclosure mailing list archives

Re: Nessus experience

From: "Samir Kelekar" <samir () teknotrends com>
Date: Fri, 15 Oct 2004 08:08:13 +0530


----- Original Message ----- 
From: "Tate Hansen" <tate () ClearNetSec com>


checks_read_timeout:  maximum number of seconds to wait for a probe
response:  wait doing a recv()
plugins_timeout:  the maximum number of seconds of lifetime for a
vulnerability check

If you set checks_read_timeout to 1 second and plugins_timeout to 5

seconds,

you'll blaze through the scan.  The problem is you may lose accuracy

because

That is quite interesting.
Correct me if I am wrong, but it looks like
if the target interface that one is scanning is
blocked/down for some reasons, nessusd does not learn about it. (I guess it
might
be too much to expect). That is, every one of the plugins will get delayed
leading to
a huge time. Usually I haven't had the patience to wait for the whole scan
in such cases;
I guess it
could take days, am I right ?

regards,
Samir Kelekar
Teknotrends Software
Bangalore


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

Nessus experience Mr. Rufus Faloofus (Oct 13)
- Re: Nessus experience Jay Jacobson (Oct 13)
- Re: Nessus experience Barry Fitzgerald (Oct 13)
- Re: [SPAM] Nessus experience Hugo van der Kooij (Oct 13)
  - Re: [SPAM] Nessus experience Mr. Rufus Faloofus (Oct 13)
- Re: Nessus experience Samir Kelekar (Oct 14)
- RE: Nessus experience Tate Hansen (Oct 14)
  - Re: Nessus experience Samir Kelekar (Oct 14)
    - RE: Nessus experience Tate Hansen (Oct 16)