Good time to Scan

[jim.halfpenny at gmail.com (Jim Halfpenny)]

Hi,
I think another important aspect to this is tracking which nodes were
scanned and when. It should be possible to identifiy nodes which are under
the radar and may require scanning in working hours even is policy dictates
that scans are conducted outside core hours.

That said, scanning in working hours is usually met with some inital
hostility and in time accepted as normal practice. Think about corporate
virus scanning policies and extrapolate.

Regards,
Jim


On 30 March 2010 11:18, Ron Gula <rgula at tenablesecurity.com> wrote:

> It sounds from your email that you want to scan daily which is great.
> Many companies don't scan daily - they do it monthly or perhaps weekly.
>
> I wrote a blog entry last year that talked about how sampling to slowly
> can give you very misleading results. For example, scanning on the
> Wednesday after MS Tuesday will always find holes.
>
>
> http://blog.tenablesecurity.com/2009/05/common-mistakes-in-vulnerability-and-compliance-reporting.html
>
> --
> Ron Gula, CEO
> Tenable Network Security
>
>
> _______________________________________________
> Pauldotcom mailing list
> Pauldotcom at mail.pauldotcom.com
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20100330/5bc49da1/attachment.htm