On Mon, Jun 23, 2003 at 07:30:26PM -0400, [EMAIL PROTECTED] wrote:
> Saw this in changes..
> Wonder how to use it.
> - Network IPs can now be evenly sliced instead of being scanned
> sequentially
Yeah. Instead of doing ip, ip + 1, ip + 2, ... , ip + N,
Nessus 2.0.7 (not officially released yet btw) has a more subtle
algorithm which divides the network in /29 networks (if I recall
correctly) and for each one goes incrementally. So you don't end up
scanning ip and ip + 1 at the same time, which is good if you are
scanning multihomed hosts on consecutives IPs.
> Also, why use -S (nessusd -S) option?
> was it for dual homed, or aliased interfaces?
Yes. You can also specify multiple IPs (as many as you have virtual
interface), which *might* give better results against host protected by
a NIPS (intrusion prevention system - that's the buzzword du jour), as
the remote host/gateway will "see" the scan coming from multiple hosts
(so if one is blocked, the scan may continue [but will produce
incomplete results anyway - avoid scanning NIPS-protected hosts, that's
stupid).
-- Renaud
