Penetration Testing mailing list archives
Re: Nessus, Harmful?
From: Danijel Starman <danijel.starman () iskon hr>
Date: Wed, 03 Feb 2010 10:45:40 +0100
Hello,Few years ago even with one nessus I've managed to crash older cisco catalyst switches. It's all in the choice of plugins.
Best Regards, Danijel Shohn Trojacek wrote:
Hello, Once, several years ago I had hacked up nessus a bit into what could only be described as a "scanning cluster". I found that I was able to reboot Cisco catalyst switches about every 10 minutes when I had 16 machines running scans in parallel. This is an extreme example though. I've had other scanners including various Web app scanners bring things down too. In some cases, I had a replication of the production environment and then scanned the "mock" production environement when availability was more concerning than confidentiality. Generally, I've found it better to just be straight forward and honest about the risks and this calms people. If you seem skittish, they will be too. Godspeed, Shohn On Wed, Jan 6, 2010 at 11:17 PM, Zaki Akhmad <zakiakhmad () gmail com> wrote:Hello, I want to do a nessus scanning, but before I'd like to know is it nessus scanning harmful? Because I don't want to make the server down. Thanks! -- Zaki Akhmad ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review BoardProve to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.http://www.iacertification.org ------------------------------------------------------------------------
------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review BoardProve to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Re: Nessus, Harmful? Joseph McCray (Feb 02)
- <Possible follow-ups>
- Re: Nessus, Harmful? Jonathan Cran (Feb 02)
- Re: Nessus, Harmful? Danijel Starman (Feb 03)
- Re: Nessus, Harmful? Kevin Shaw (Feb 05)