[unisog] Re: Nessus Scanning
jens.haeusser at ubc.ca
Mon May 10 17:00:21 GMT 2004
Matt Crawford wrote:
> We scan with the whole site with nessus, but only for the most
> critical vulnerabilities. There hasn't been a problem. Giving a
> Windows or IRIX machine the works with nessus can choke it, so we
> provide two nessus servers (one inside, one outside the perimeter) to
> which registered sysadmins can authenticate (via kx509 certificate)
> and scan those systems for which they are a registered admin with any
> plugins they choose, on their own schedule.
I know that many of you scan with a subset of the Nessus plugins- which
do you consider the most critical? Do any of you keep the list updated
on a website somewhere?
We have been using single-vulnerability scanners (like 007scan, or
Foundstone's DSScan) for broad scans, but we've been looking at moving
everything into Nessus, which we currently use for full, targeted scans.
Manager, Information Security Office
University of British Columbia
More information about the unisog