max_checks = 10
max_hosts = 5
max_checks = 10
log_whole_attack = no
cgi_path = /cgi-bin:/scripts
port_range = default
optimize_test = yes
language = english
checks_read_timeout = 3
non_simult_ports = 139, 445
plugins_timeout = 150
safe_checks = yes
auto_enable_dependencies = yes
use_mac_addr = no
save_knowledge_base = yes
kb_restore = yes
> > kb_dont_replay_scanners = no
kb_dont_replay_info_gathering = no
kb_dont_replay_attacks = no
kb_dont_replay_denials = no
kb_max_age = 2764800
diff_scan = yes
plugin_upload = no
plugin_upload_suffixes = .nasl, .inc
slice_network_addresses = no
end(SERVER_PREFS)
[EMAIL PROTECTED] wrote:
>>
When I was having trouble with scans finishing/running slowly, I had about 25 hosts and about 25 tests. Scans took days, my RAM was maxed out and the paging to and frmo disk was really high.
Then I dropped my hosts down to about 5 and my tests to about 5 - the results were amazing. Machine no longer maxed out the CPU or the RAM, paging to disk dropped dramatically and, best of all, the tests finished in hours instead of days. I currently scan multiple /24 networks (about 3-4 a night) and the time is between 1-2.5 hours each.
<<
There are a lot of variables you leave out. What is the system
configuration of the scanner? How many total checks do you run?
How dense is the population on those subnets (boy, can that
question have a double meaning!)
When you talk about the the load average sitting at around 30 or more, are you talking about the CPU? If so, that shouldn't be of any concern - the *best* spot your CPU can sit is at 99% - as long as it never hits 100% of course ;)
You certainly have heaps of RAM too ...
Have yuo noticed lots of disk activity? Particularly paging to and from disk?
The reason I ask is that you have a hell of a lot of tests (and presumably threads) running at once: max_hosts = 96 max_checks = 16 gives 1536 threads (I think - anyone ...is it one thread per test??).
When I was having trouble with scans finishing/running slowly, I had about 25 hosts and about 25 tests. Scans took days, my RAM was maxed out and the paging to and frmo disk was really high.
Then I dropped my hosts down to about 5 and my tests to about 5 - the results were amazing. Machine no longer maxed out the CPU or the RAM, paging to disk dropped dramatically and, best of all, the tests finished in hours instead of days. I currently scan multiple /24 networks (about 3-4 a night) and the time is between 1-2.5 hours each.
Hope that helps.
Antony
Find local movie times and trailers on Yahoo! Movies.
_______________________________________________
Nessus mailing list
[EMAIL PROTECTED]
http://mail.nessus.org/mailman/listinfo/nessus
Find local movie times and trailers on Yahoo! Movies.
_______________________________________________ Nessus mailing list [EMAIL PROTECTED] http://mail.nessus.org/mailman/listinfo/nessus
