Dirk,
We currently use a dedicated PIII/733 with 256MB of RAM to scan a
network of 15,000 hosts across 200 subnets. A scan for the 3
anti-Slapper plugins across all hosts takes approximately 5 hours.
Two suggestions:
1) if possible, increase CPU speed. I also set the number of
hosts to be scanned at 30, and uptime utilization was averaging around
8.5-12.
2) run Nessus 1.3.3 (or 1.4.x when released). Speed has been
**greatly** improved versus previous versions. The same scan under 1.2.7
was taking several days.
If you need more details, you can reply to me offline...
--Keith Young
-----Original Message-----
From: Nessus User [mailto:[EMAIL PROTECTED]]
Sent: Friday, January 31, 2003 9:41 AM
To: [EMAIL PROTECTED]
Subject: System requirements Nessus
Hello list,
I am figuring out how I can implement Nessus into a
network of a customer of ours. I am talking about a
rather big corperate network on which Nessus has to
scan. As a first test I will use one scanning host,
this will be a dedicated machine only running Nessus
and maybe a SQL database for storing the results. I am
not sure what the exact system requirements of this
machine will be, because I do not have that much
experience with scanning this large.
Nessus will be installed onto a Linux distro and it
has to scan a range of about 30.000 host of which
10.000 may be offline. The scan will run once in 3
months, so time won't be a real problem, although it
is preferable if the scan would finsih as soon as
possible.
I think the following settings will be sufficient, but
maybe I am totally wrong.
- As is stated, this system will be running Linux, so
I think I better stick with an i386 processor, I was
think of a Pentium III 1 GHz
- The system should offcourse have a lot of memory,
but I don't have a clue what is enough and what is
overkill, so I was planning of putting in about 512 MB
of RAM
- The storage space will be a hardware RAID, storage
space won't be a real problem I guess
FYI, the network is a 100 Mbps switched ethernet
network.
I am thinking of scanning 30 hosts parallel with a
maximum of 10 hosts. The customer requested that the
scan would not use all available network bandwidth.
Are there other ways of limiting the Nessus traffic.
What would be the best strategy to scan such a large
network and what would be the minimum system
requirements for executing such a scan?
thanks in advance,
Dirk
__________________________________________________
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com
