Re: linux tuning for nmap/nessus

From: Miguel Dilaj (miguel.dilaj@oissg.org)
Date: Tue Mar 21 2006 - 13:53:08 EST


Hi offset,

Take a look at this:

http://www-128.ibm.com/developerworks/eserver/library/es-033104.html

And also learn to use the command vmstat, that will tell you a lot in
regards to other potential issues, like CPU speed, amount of RAM, disk
transfer speed, etc.

Use at least nmap-4.01, ideally manually apply the patch to avoid a
potential infinite loop that was posted to nmap-dev (or nmap-hackers).
Don't abuse anything above -T3

Nessus IS a heavyweight, ensure you've a FAST machine with plenty of RAM
for it.

Cheers,

Miguel Dilaj
Vice-President of IT Security Research, OISSG
www.oissg.org

offset wrote:
> Greetings,
>
> Does anyone have any recommendations regarding kernel/tcp tuning for high volume nmap/nessus type scans?
>
> linux kernel 2.6.9.34.EL
>
> I'm concerned about the machine freezing during an extended network scan due to resource constraints on linux.
>
> The bulk of the nmap scans will be sT and sS.
>
> -off
>
> ------------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Concerned about Web Application Security?
> As attacks through web applications continue to rise, you need to proactively
> protect your applications from hackers. Cenzic has the most comprehensive
> solutions to meet your application security penetration testing and
> vulnerability management needs. You have an option to go with a managed
> service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm).
> Download FREE whitepaper on how a managed service can help you:
> http://www.cenzic.com/forms/ec.php?pubid=10025
> And, now for a limited time we can do a FREE audit for you to confirm your
> results from other product. Contact us at request@cenzic.com
> ------------------------------------------------------------------------------
>
>

------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security?
As attacks through web applications continue to rise, you need to proactively
protect your applications from hackers. Cenzic has the most comprehensive
solutions to meet your application security penetration testing and
vulnerability management needs. You have an option to go with a managed
service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm).
Download FREE whitepaper on how a managed service can help you:
http://www.cenzic.com/forms/ec.php?pubid=10025
And, now for a limited time we can do a FREE audit for you to confirm your
results from other product. Contact us at request@cenzic.com
------------------------------------------------------------------------------



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:43 EDT