On Wed, Apr 07, 2004 at 03:15:48PM -0400, [EMAIL PROTECTED] wrote:
> Is there any documentation on the best ways of securing a Nessus
> scanning server?
Not that I know of. But I'd imagine these are some good practices:
o Encrypt traffic between clients and the server using SSL.
o If using the unix-based nessus client, set paranoia_level to 2 or
3 in any client config files.
o Limit access to nessusd, either by configuring nessus-core to use
unix sockets rather than Internet sockets ("configure
--enable-unix-socket"), using the "-a" option of nessusd to
listen on specified interfaces (as Jay mentioned), or with
tcp_wrappers ("nessus-core/configure --enable-tcpwrappers").
o Think carefully about how scan results are distributed.
o Limit services running on the server platform, set it behind a
good firewall, limit user access, etc. like you would for any
service you wish to secure.
> If a firewall were used, would it hinder the return results of a
> nessus scan?
It depends on how the firewall is configured. On one hand, you may wish
to test targets for vulnerabilities exploitable from the Internet. On
the other, you may wish to simply allow unfettered access from the
nessusd server. I'd probably opt for the latter since with today's more
sophisticated worms, it's becoming harder to trust internal networks.
> If I were to use a firewall, the scanning path would
> be similar to this:
> nessusd->firewall->internet->firewall->our_network
Do you really want information about vulnerabilities discovered on your
network traversing the 'net??? I realize there are plenty of third-party
services set up to do exactly this, but it sounds like you have the
expertise to do this in-house.
George
--
[EMAIL PROTECTED]
_______________________________________________
Nessus mailing list
[EMAIL PROTECTED]
http://mail.nessus.org/mailman/listinfo/nessus
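The practices George lists (bind nessusd to one interface with "-a", wrap it with tcp_wrappers, set paranoia_level to 2 or 3 in the client config) are easy to state and easy to get wrong on a live host. The script below is an added example, not code from the thread or from the Nessus project: it turns those three practices into checks and runs them against constructed sample files so it works offline. Everything not in the post is an assumption: that nessusd listens on TCP 1241, that the tcp_wrappers service name is "nessusd", that the client config is ~/.nessusrc with "key = value" lines, and that the management address is 10.0.0.5.

```shell
#!/bin/sh
# Added example, not from the original post or the Nessus project: three
# checks a scanner-host hardening script could run, matching the practices
# listed in the thread. Assumptions (not stated in the post): nessusd
# listens on TCP 1241, the tcp_wrappers service name is "nessusd", the
# client config uses "key = value" lines, and the management address is 10.0.0.5.

NESSUS_PORT=1241
MGMT_IP=10.0.0.5

# check_listener FILE: FILE holds `netstat -ln` output. Succeeds only if the
# nessusd port is bound to MGMT_IP (what "nessusd -a MGMT_IP" gives you) and
# not to a wildcard address (0.0.0.0, :: or *), which would expose it on
# every interface of the box.
check_listener() {
    awk -v port="$NESSUS_PORT" -v ip="$MGMT_IP" '
        $1 ~ /^tcp/ {
            n = split($4, a, ":")
            if (a[n] != port) next
            addr = substr($4, 1, length($4) - length(a[n]) - 1)
            if (addr == "0.0.0.0" || addr == "::" || addr == "*") bad = 1
            else if (addr == ip) good = 1
        }
        END { exit !(good && !bad) }' "$1"
}

# check_wrappers ALLOW DENY: hosts.deny must deny nessusd (or ALL) by default,
# and hosts.allow must carry an explicit nessusd line that is not "ALL".
check_wrappers() {
    grep -Eq '^[[:space:]]*(nessusd|ALL)[[:space:]]*:[[:space:]]*ALL' "$2" || return 1
    grep -Eq '^[[:space:]]*nessusd[[:space:]]*:' "$1" || return 1
    if grep -Eq '^[[:space:]]*nessusd[[:space:]]*:[[:space:]]*ALL' "$1"; then return 1; fi
    return 0
}

# check_paranoia RCFILE: paranoia_level in the client rc must be 2 or 3.
check_paranoia() {
    awk -F= '$1 ~ /^[ \t]*paranoia_level[ \t]*$/ { v = $2; gsub(/[ \t]/, "", v) }
             END { exit !(v == "2" || v == "3") }' "$1"
}

# make_samples DIR: constructed sample inputs (a hardened host and a weak one)
# so the checks can be exercised without touching a real scanner.
make_samples() {
    d=$1
    cat > "$d/netstat.good" <<EOF
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 10.0.0.5:1241           0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN
EOF
    cat > "$d/netstat.weak" <<EOF
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:1241            0.0.0.0:*               LISTEN
tcp        0      0 :::22                   :::*                    LISTEN
EOF
    printf 'nessusd: 10.0.0.0/255.255.255.0\n' > "$d/hosts.allow.good"
    printf 'nessusd: ALL\n' > "$d/hosts.deny.good"
    printf 'nessusd: ALL\n' > "$d/hosts.allow.weak"
    : > "$d/hosts.deny.weak"
    printf 'paranoia_level = 2\nport_range = 1-65535\n' > "$d/nessusrc.good"
    printf 'paranoia_level = 1\n' > "$d/nessusrc.weak"
}

# audit DIR SUFFIX: run all three checks on the sample set SUFFIX and return
# the number of failed checks (0 means hardened along the lines of the post).
audit() {
    fails=0
    check_listener "$1/netstat.$2"                        || fails=$((fails + 1))
    check_wrappers "$1/hosts.allow.$2" "$1/hosts.deny.$2" || fails=$((fails + 1))
    check_paranoia "$1/nessusrc.$2"                       || fails=$((fails + 1))
    return $fails
}

if [ "${1:-}" = "--demo" ]; then
    tmp=$(mktemp -d)
    make_samples "$tmp"
    for s in good weak; do
        audit "$tmp" "$s"; echo "$s sample: $? check(s) failed"
    done
    rm -rf "$tmp"
fi
```

Run it with `--demo` to see the hardened sample pass all three checks and the weak one fail all three. To audit a real host, feed the checks the live files instead: `netstat -ln > /tmp/ns && check_listener /tmp/ns`, `check_wrappers /etc/hosts.allow /etc/hosts.deny`, and `check_paranoia ~/.nessusrc`. The listener check deliberately treats a wildcard bind as a failure even when the management address is also bound, since the point of "-a" is that nothing else on the box answers on the nessusd port.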
