[unisog] Re: Nessus Scanning

Dusty Hall halljer at auburn.edu
Tue May 11 14:05:26 GMT 2004

Another frontend...



>>> jens.haeusser at ubc.ca 5/10/2004 12:00:21 PM >>>
Matt Crawford wrote:

> We scan with the whole site with nessus, but only for the most 
> critical vulnerabilities.  There hasn't been a problem.  Giving a 
> Windows or IRIX machine the works with nessus can choke it, so we 
> provide two nessus servers (one inside, one outside the perimeter) to

> which registered sysadmins can authenticate (via kx509 certificate) 
> and scan those systems for which they are a registered admin with any

> plugins they choose, on their own schedule.

I know that many of you scan with a subset of the Nessus plugins- which

do you consider the most critical? Do any of you keep the list updated

on a website somewhere?

We have been using single-vulnerability scanners (like 007scan, or 
Foundstone's DSScan) for broad scans, but we've been looking at moving

everything into Nessus, which we currently use for full, targeted

Jens Haeusser
Manager, Information Security Office
University of British Columbia
unisog mailing list
unisog at lists.sans.org 

More information about the unisog mailing list