Dear all, I tested kb with nessus 2.2.5 to minimize inpact of weekly scans on our network. With a kb lifetime of 1 month I can reduce the bandwith by 4. This is the settings I'm using :
save_knowledge_base = yes only_test_hosts_whose_kb_we_dont_have = no only_test_hosts_whose_kb_we_have = no kb_restore = yes kb_dont_replay_scanners = no kb_dont_replay_info_gathering = yes kb_dont_replay_attacks = yes kb_dont_replay_denials = yes kb_max_age = 2592000 So If nessus find info in the kb not older than 30 days it will just scan the host but will not replays info_gathering, attacks and denials. If a vulnerability has been patched within the 30 days folowing the scan, we have to wait 30 before seeing that the vulnerability has disappeared. To avoid that, is there a way using kb to force nessus to replays plugins that were matched positive in the kb even if kb_dont_replay* params are set to yes ? thx -- Eric Daras _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
