> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Kristofer T. Karas
> Sent: Wednesday, February 05, 2003 11:13 PM
> To: Nessus Users
> Subject: Re: ~OT> Costs of patching ....
>
> On Wed, 2003-02-05 at 11:05, Simons, Rick wrote:
> > If someone is drawing up a vulnerability and "costs of fixing this network"
> > document; am I overlooking associated costs with securing a network using
> > Nessus?
> > 1. Accept the risk
> > 2. Use Nessus to figure out the vulnerabilities
>
> Also consider costs associated (on a large heterogeneous network in any
> case) with inadvertently shutting down fragile services (JetDirect
> cards, Novell FlexIP, etc) from even the more benign plugin selections.
> Here, at the BI Deaconess Medical Center in Boston, a routine Nessus
> scan over wide areas of our network space will shut down 10%+ of our
> services. Not so bad if you're a small home office. Rather bad if
> you're a financial brokerage house. Potentially *really* bad if the box
> in question is currently running a lab test on a patient 10 minutes out
> of an ambulance!
>
> Kris
>

Wow! 10% of services shut down?! I would really like to know more about what settings you used for your scans. Are these fragile services getting whacked by a mere port scan or by an actual malinteraction with a plugin? Lastly, how do you use Nessus in such an environment, if at all?

Jim
