Re: linux tuning for nmap/nessus

From: David M. Zendzian (dmz@dmzs.com)
Date: Tue Mar 21 2006 - 00:46:19 EST


Offset,
  The kernel does matter some, but overall the size of the box
(cpu/memory) and the network connection will matter the most for
large/extended scans.

  You may want to check (google) these options to see the best way of
tuning based on the parameters available to your system:
  -T[0-5]: Set timing template (higher is faster)
  --min-hostgroup/max-hostgroup <size>: Parallel host scan group sizes
  --min-parallelism/max-parallelism <msec>: Probe parallelization
  --min-rtt-timeout/max-rtt-timeout/initial-rtt-timeout <msec>: Specifies
      probe round trip time.
  --max-retries <tries>: Caps number of port scan probe retransmissions.
  --host-timeout <msec>: Give up on target after this long
  --scan-delay/--max-scan-delay <msec>: Adjust delay between probe

dmz

offset wrote:
> Greetings,
>
> Does anyone have any recommendations regarding kernel/tcp tuning for high volume nmap/nessus type scans?
>
> linux kernel 2.6.9.34.EL
>
> I'm concerned about the machine freezing during an extended network scan due to resource constraints on linux.
>
> The bulk of the nmap scans will be sT and sS.
>
> -off
>
> ------------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Concerned about Web Application Security?
> As attacks through web applications continue to rise, you need to proactively
> protect your applications from hackers. Cenzic has the most comprehensive
> solutions to meet your application security penetration testing and
> vulnerability management needs. You have an option to go with a managed
> service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm).
> Download FREE whitepaper on how a managed service can help you:
> http://www.cenzic.com/forms/ec.php?pubid=10025
> And, now for a limited time we can do a FREE audit for you to confirm your
> results from other product. Contact us at request@cenzic.com
> ------------------------------------------------------------------------------
>
>
>
>
>
>

------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security?
As attacks through web applications continue to rise, you need to proactively
protect your applications from hackers. Cenzic has the most comprehensive
solutions to meet your application security penetration testing and
vulnerability management needs. You have an option to go with a managed
service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm).
Download FREE whitepaper on how a managed service can help you:
http://www.cenzic.com/forms/ec.php?pubid=10025
And, now for a limited time we can do a FREE audit for you to confirm your
results from other product. Contact us at request@cenzic.com
------------------------------------------------------------------------------



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:43 EDT