OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: gsuarezbancomercantil.com
Date: Wed Apr 25 2001 - 16:55:35 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to
    majordomoiss.net Contact issforum-owneriss.net for help with any problems!
    ----------------------------------------------------------------------------

    I recommend the following:

    of the results obtained with the first work session ("L2 Classification"),
    you should separate the hosts depending on the operating system. Then, you
    can continue with the different leves for each OS.

    In other words: NT vulnerabilities with NT hosts and UNIX vulnerabilities
    with UNIX hosts

    Bye...
    German Alberto Suarez Nahon
    Banco Mercantil SACA CA
    Phone: 58 212 5030270 / 0026 (Fax)
    http://www.bancomercantil.com
    mailto:gsuarezbancomercantil.com

                                                                                               
                        Randy Reitz
                        <rreitzfnal. To: issforumiss.net
                        gov> cc:
                        Sent by: Subject: Internet Scanner: Estimating time
                        owner-issforu required to complete a scan.
                        miss.net
                                                                                               
                                                                                               
                        25/04/2001
                        01:42 p.m.
                                                                                               
                                                                                               

    TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to
    majordomoiss.net Contact issforum-owneriss.net for help with any
    problems!
    ----------------------------------------------------------------------------

    I performed the first scan on my site and found that with my current
    hardware, it took the IS 4:30 hours to scan 6088 hosts using the "L2
    Classification" policy (22 vulnerabilities). I'm wondering how log it will

    take to complete this scan using the "L4 NT Server" policy (284
    vulnerabilities)?

    Of the 6000 hosts, about 1/3 are of the NT variety. My question is: does
    the scan engine try NT vulnerabilities against hosts that are not
    identified as NT? I suspect that OS detection occurs every time the scan
    engine runs. If the IS scan engine identifies a host as "UNIX", will it
    still try to execute vulnerabilities designed for NT? Or will it "skip"
    UNIX hosts?

    I don't want a scan to run outside of business hours. I would like to keep

    my scan duration to 6-8 hours. Any suggestions concerning estimating the
    scan elapse time would be appreciated.

    Thanks
    Randy Reitz