I have no documentation to back this up, but I thought the built-in "TCP Connect()" scan was less efficient/accurate/speedy than an nmap scan. Maybe I'm confusing that with a separate nmap and then feeding the results into Nessus?
Any rough estimates of the memory footprint of multiple nmap processes versus multiple TCP Connect scans? Thanks, Owen -----Original Message----- From: Renaud Deraison [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 05, 2003 8:47 PM To: [EMAIL PROTECTED] Subject: Re: problems scanning more than 20 machines On Wed, Feb 05, 2003 at 06:37:55PM -0500, Adam Kosmin wrote: > Hello everyone, > > > I'd like to ask someone for their feedback on the 'max_hosts' value in /usr/local/etc/nessus/nessusd.conf > > What exactly does this value mean? I'm using the default value of 30 and need to know if I should be playing with this in order to try and solve a problem I'm having when feeding nessus a list of more than 20 IP addresses to scan. Nessus 1.2.7 is choking and dying when I feed it such a list. That's the simultaneous number of hosts you want to check for. If your server is choking and dying when scanning that many hosts, disable the use of Nmap (which wastes memory) and use "tcp connect()" instead. -- Renaud
