TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to
[EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any problems!
----------------------------------------------------------------------------
[EMAIL PROTECTED] wrote:
> Another suggestion is create a Custom Policy and disable RPC scanning which
> will provide a workaround for this finicky AIX and SGI boxes that is
> running portmapper due to a default installation of the operating system
> (i.e. portmapper 111)
It was not difficult to isolate the checks that were flipping out
specific boxes every time. Designing a "lesser" policy that ran fine on
them was relatively simple, in fact. I was speaking to the user that
had asked if we'd seen similar things - I suppose a "yes" would have
been sufficient, eh? :)
My further point was more addressed to the random hangs - not the
consistent ones. Anything that gives persistent results I can almost
certainly deal with, it's just the Eeny Meeny Miney Moe of hanging
that's going on currently that frustrates me. Sure, I can go digging
into logs to try and find out what happened each run - but that's a
time-consuming process and I have other things to do. I'm sure we ALL
do.
I have faith in ISS that their scans will stabilize - they seem to have
a good product, and it's served us well. But until they whack the
gremlins that are popping up, a short-term solution would be very much
appreciated. The simplest one that springs to mind is the ability to
stop the "Gremlin" scan without losing your bulk results. It's also a
request I've heard before, so I decided to echo/parrot/<aol>Metoo!</aol>
the sentiment.
> If you conducting a scan on a large network (i.e. not a Class 'C') break up
> the scan into multiple parts, therefore eliminating the amount of time a
> scan may take for those troublesome hosts on particular networks.
As a rule, I have broken our scans down into chunks of about 150 hosts
per run. This is a scan-time of (for us) between one and two hours. I
don't think this is unreasonable at all - but it's still a frustrating
block of time to lose. What approximate scan-time are you using, if I
may ask?
Thanks for your time and insight!
Dan Ozdowski
UVA Network Systems
