On Wed, Jun 11, 2003 at 02:36:20PM +0100, Cardwell, Dick wrote:
>
> Greetings all,
>
> Using nessus 2.0.6a on RedHat 8.0 system, I've being tasked with
> scanning a small number of hosts on one of our subnets. These hosts
> sit behind a firewall which will be opened up to allow my scan
> through. Is there a set of recommended settings to reduce the
> likelihood of raising IDS alarms? Only safe checks will be run and
> the scan of each host should be completed with 1 working day.
It really depends on what you want to test (the hosts or the quality of IDS),
and why raising IDS alarms would be an issue for you. It also depends on the
type of IDS (if it's snort, you may want to disable all the SNMP checks
as it is extremely verbose on that regard).
-- Renaud
