Departments were requested to run scans against their critical servers and send the results to the security officer.
There were questions raised as to where the scans should be run from:
My research indicated that the threat was greatest from insiders, so my suggested approach was to require that the scans be run from inside the network (specifically behind the firewall).
Others will argue that the scans should be run from outside the firewall since the threats are mainly external.
A department that took the latter approach (running the scans from outside the firewall) reported the Nessus scan results with no vulnerabilities.
I find these results suspect, considering the size of their network.
My question is, if the scans are run from outside the network, should the firewall (and other security appliances) be configured in a particular way so as not to distort the scans? At the very least I would expect that IP traffic from the computer executing the scans should be allowed on the network.
Advice from this list will be appreciated.
Thanks.
_______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
