RE: linux tuning for nmap/nessus

From: Tate Hansen (tate@clearnetsec.com)
Date: Wed Mar 22 2006 - 15:57:00 EST

• Next message: offset: "Re: War dialing"
• Previous message: Fixer: "Re: War dialing"
• In reply to: offset: "linux tuning for nmap/nessus"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

My guess is tuning any kernel parameters will have a small impact on the
overall performance of nmap or nessus.

FYI: I posted some nmap performance issues last November regarding multiple
8-way opteron/16Gig systems (Fyodor has since improved nmap though, so
performance is likely much better).
http://seclists.org/lists/pen-test/2005/Nov/0152.html

The main thing we tried to ensure was minimal interference to the tcp/ip
stack (e.g. turning off IPTables to avoid the processing overhead with state
tracking, etc.)

It also helped a lot to watch 'iptraf' statistics and packets per second.

Tate Hansen
ClearNet Security

-----Original Message-----
From: offset [mailto:offset@svcroot.net]
Sent: Monday, March 20, 2006 2:44 PM
To: pen-test@securityfocus.com
Subject: linux tuning for nmap/nessus

Greetings,

Does anyone have any recommendations regarding kernel/tcp tuning for high
volume nmap/nessus type scans?

linux kernel 2.6.9.34.EL

I'm concerned about the machine freezing during an extended network scan due
to resource constraints on linux.

The bulk of the nmap scans will be sT and sS.

-off

----------------------------------------------------------------------------

--
This List Sponsored by: Cenzic
Concerned about Web Application Security? 
As attacks through web applications continue to rise, you need to
proactively 
protect your applications from hackers. Cenzic has the most comprehensive 
solutions to meet your application security penetration testing and 
vulnerability management needs. You have an option to go with a managed 
service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm).
Download FREE whitepaper on how a managed service can help you: 
http://www.cenzic.com/forms/ec.php?pubid=10025
And, now for a limited time we can do a FREE audit for you to confirm your 
results from other product. Contact us at request@cenzic.com
----------------------------------------------------------------------------
--
------------------------------------------------------------------------------
This List Sponsored by: Cenzic
Concerned about Web Application Security? 
As attacks through web applications continue to rise, you need to proactively 
protect your applications from hackers. Cenzic has the most comprehensive 
solutions to meet your application security penetration testing and 
vulnerability management needs. You have an option to go with a managed 
service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). 
Download FREE whitepaper on how a managed service can help you: 
http://www.cenzic.com/forms/ec.php?pubid=10025
And, now for a limited time we can do a FREE audit for you to confirm your 
results from other product. Contact us at request@cenzic.com
------------------------------------------------------------------------------

• Next message: offset: "Re: War dialing"
• Previous message: Fixer: "Re: War dialing"
• In reply to: offset: "linux tuning for nmap/nessus"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:43 EDT