I think you're ok to filter incoming TCP SYNs (i.e. syn bit set; ack and rst bits not set), ICMP echo-requests, netmask-requests, timestamp-requests. These changes should not affect Nessus. What I would definitely avoid is scanning through a stateful firewall - the port scan is likely to give it a major headache and near guaranteed you will miss a few of the fancier related packets.
Regards,
Paul
[EMAIL PROTECTED] wrote:
If a firewall were used, would it hinder the return results of a nessus scan? I
read somewhere that partial packets wouldn't return correctly to a nessus server
directly behind a firewall. If I were to use a firewall, the scanning path would
be similar to this:
nessusd->firewall->internet->firewall->our_network
Would this packet traffic pattern break some of the scan results?
--
Paul Johnston
Internet Security Specialist
Westpoint Limited
Albion Wharf, 19 Albion Street, Manchester, M1 5LN England
Tel: +44 (0)161 237 1028
Fax: +44 (0)161 237 1031
email: [EMAIL PROTECTED]
web: www.westpoint.ltd.uk
_______________________________________________
Nessus mailing list
[EMAIL PROTECTED]
http://mail.nessus.org/mailman/listinfo/nessus
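The stateless inbound filter described in the reply above (TCP segments with SYN set and ACK and RST clear, plus ICMP echo, timestamp and netmask requests), written as a packet classifier. This is an added example, not part of the original thread; the function names, the pass-by-default handling of non-IPv4 and fragmented packets, and the sample packets (built with documentation addresses) are assumptions made for illustration.

```python
import struct

# ICMP request types named in the reply (type numbers from RFC 792 / RFC 950).
BLOCKED_ICMP = {8: "echo-request", 13: "timestamp-request", 17: "netmask-request"}
SYN, RST, ACK = 0x02, 0x04, 0x10


def verdict(packet: bytes) -> str:
    """Return 'drop' or 'pass' for one inbound IPv4 packet."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return "pass"                      # assumption: non-IPv4 is out of scope
    ihl = (packet[0] & 0x0F) * 4           # IP header length in bytes
    frag_offset = struct.unpack("!H", packet[6:8])[0] & 0x1FFF
    if ihl < 20 or frag_offset != 0:
        return "pass"                      # later fragments carry no L4 header
    proto, l4 = packet[9], packet[ihl:]
    if proto == 6 and len(l4) >= 14:       # TCP: flags live in byte 13
        flags = l4[13]
        if flags & SYN and not flags & (ACK | RST):
            return "drop"                  # new inbound connection attempt
    elif proto == 1 and len(l4) >= 1:      # ICMP: type is byte 0
        if l4[0] in BLOCKED_ICMP:
            return "drop"
    return "pass"


def ipv4(proto: int, payload: bytes) -> bytes:
    """Constructed 20-byte IPv4 header (checksum left at zero) plus payload."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                       proto, 0, bytes([192, 0, 2, 10]),
                       bytes([198, 51, 100, 20])) + payload


def tcp(flags: int) -> bytes:
    """Constructed 20-byte TCP header with the given flag byte."""
    return struct.pack("!HHIIBBHHH", 40000, 80, 1, 0, 5 << 4, flags, 1024, 0, 0)


def icmp(icmp_type: int) -> bytes:
    """Constructed 8-byte ICMP header of the given type."""
    return struct.pack("!BBHHH", icmp_type, 0, 0, 1, 1)


if __name__ == "__main__":
    samples = {"SYN": tcp(SYN), "SYN/ACK": tcp(SYN | ACK), "RST/ACK": tcp(RST | ACK)}
    for name, segment in samples.items():
        print(f"TCP {name:8s} -> {verdict(ipv4(6, segment))}")
    for t in (0, 3, 8, 13, 17):
        print(f"ICMP type {t:2d} -> {verdict(ipv4(1, icmp(t)))}")
```

The SYN/ACK, RST and ICMP reply packets that a scanner depends on all pass, which is why a filter limited to these rules leaves scan results intact.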
