RE: how many clients per server w/ nessus?

["Vince Maes" <vince.maes () onsemi com>]

Ben

To share some of my experiences, you may want to consider server and network
performance tuning issues in addition to Nessus's performance.  If you're
looking for larger performance requirements, you may want to consider the
usual suspects: disk io, memory, and CPU.  Before I start adding servers, I
like to make sure I'm getting every cycle's worth for my penny.  I've also
had good experience using a separate disk sub-system for logging intensive
applications.  (A separate controller and disk used for /var, or whatever).
Keep in mind the old saying, "Security, performance, cost - pick two".

A word of caution, I've seen many administrators, including myself, make too
many changes or too big of a change, and cause performance to degrade in
other applications or parts of the system.  And, be careful of any firewalls
or proxies you may be traversing when running these tests with a well-tuned
machine.  Without realizing, I've chewed up too many connections over a
firewall and...well that's another story (lesson).

As far as tuning Nessus, keep in mind the checks_read_timeout setting, which
is 15 seconds by default.  You may want to lower this if you are on a local
network, but be careful it could cause false positives.  Check your
/usr/local/etc/nessus/nessusd.conf for current parameters.

Here's a few links I've found useful for performance related info:
http://www.geocities.com/techdirectory/performance.html
http://secinf.net/info/unix/ip-stack-tuning.html

Good luck and have fun,

Vince Maes
vince () ewarfare com

-----Original Message-----
From: Kevin Clarke [mailto:kclarke () vianetworks co uk]
Sent: Friday, July 19, 2002 7:32 AM
To: PEN-TEST () securityfocus com; falcon () cybersecret com
Subject: Re: how many clients per server w/ nessus?

Ben

I have set-up Nessus before with 5 concurrent clients and it seemed to work
fine. The scanning took a while but I think this was because of the limited
bandwidth I had access to at the time, rather than the power of the Server
(Redhat, P3, 128MB RAM).

Kevin
----- Original Message -----
From: <falcon () cybersecret com>
To: <PEN-TEST () securityfocus com>
Sent: Thursday, July 18, 2002 7:37 PM
Subject: how many clients per server w/ nessus?


> Greetings,
>
> Has anybody ever setup a central nessus server to be
> used with multiple, simultaneous clients?  Any idea
> what the safe max per server is in terms of # clients
> and # scanning threads (ie: target IPs/hosts)?  I'm
> interested in setting up a central server with the
> ability to scan 50-100 confirmed hosts simultaneous
> from 5-10 unique clients and am wondering if 1 server
> can handle this, or if I'll need to setup multiple
> servers.
>
> Thanks much!
>
> -ben
>
> ---------------------------------------
> Benjamin Tomhave
> falcon () cybersecret com
> http://falcon.cybersecret.com/
>
> --------------------------------------------------------------------------
--
> This list is provided by the SecurityFocus Security Intelligence Alert
(SIA)
> Service. For more information on SecurityFocus' SIA service which
> automatically alerts you to the latest security vulnerabilities please
see:
> https://alerts.securityfocus.com/


----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/


----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/