sasser virus (was Re: [unisog] student fees for cleaning.)
crawdad at fnal.gov
Mon May 10 13:55:54 GMT 2004
>> No. We don't scan the network looking for vunarable machines without
>> the owner's permission. Our experience with Nessus scans says that it
>> causes the machine to reboot.
> We do scan, but not with nessus. I generally us scanners dedicated to
> single vulnerability (eg from foundstone, eeye or (my favourite - base
> on the uconn resnet scanner).
We scan with the whole site with nessus, but only for the most critical
vulnerabilities. There hasn't been a problem. Giving a Windows or
IRIX machine the works with nessus can choke it, so we provide two
nessus servers (one inside, one outside the perimeter) to which
registered sysadmins can authenticate (via kx509 certificate) and scan
those systems for which they are a registered admin with any plugins
they choose, on their own schedule.
More information about the unisog