PaulDotCom mailing list archives
Re: Nessus Scans killing ASA 5505
From: "Albert R. Campa" <abcampa () gmail com>
Date: Thu, 21 Jul 2011 11:10:48 -0500
I wouldn't scan through the firewall to audit systems on the other side. Move your scanner machine. do you not want to enable safe checks? On Thu, Jul 21, 2011 at 11:02 AM, Ron Henry <ciphermonk () gmail com> wrote:
This problem is probably due to my current gateway not being able to keep up, but here goes. I'm scanning 10 or so /24s as part of a vuln assessment. I'm running 4.4.1. The scan using the following scan policy, brings the ASA 5505 to it's knees. CPU utilization goes to 98% and stays there until the device eventually locks up. I'm honestly probably at the point where I just need to move to beefier firewall, but I figured I would run it by you guys first. There are no complicated firewall rules in place and threat detection is disabled. The scan policy can be viewed at http://www.ciphermonk.net/photos/scan_policy.png Thanks for your help. - Ron Henry (dijital1) Website: http://www.ciphermonk.net Email: rlh () ciphermonk net Twitter: http://twitter.com/dijital1 LinkedIn: http://www.linkedin.com/in/dijital1 %JMNU%521*-;UU -GbU- aUP %JMNU%521*-A3FSP %JMNU%521*-`4B-920-7BP %JMNU%521*- 94i-C3-43P %JMNU%521*-Bc2F-AR1C-AEBP %JMNU%521*-e3+T-U26-DBGP %JMNU%521*-bE41-KFF2-D232P %JMNU%521*-3Bb}-4+}A-3VAP _______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
_______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
Current thread:
- Nessus Scans killing ASA 5505 Ron Henry (Jul 21)
- Re: Nessus Scans killing ASA 5505 Paul Asadoorian (Jul 21)
- Re: Nessus Scans killing ASA 5505 Butturini, Russell (Jul 21)
- Re: Nessus Scans killing ASA 5505 Ron Henry (Jul 22)
- Re: Nessus Scans killing ASA 5505 Butturini, Russell (Jul 21)
- Re: Nessus Scans killing ASA 5505 Albert R. Campa (Jul 21)
- Re: Nessus Scans killing ASA 5505 Paul Asadoorian (Jul 21)