Hi Drew,
On Jan 18, 2007, at 11:51 AM, Flickema, Drew W. wrote:
If Nessus is sourcing from a forested Vista install, then it should be
able to communicate and perform it's authenticated assessment when
targeting other clients in the forest. If Nessus is sourcing from
a non
forested client or installed on a non-windows platform, then
authenticated checks will always fail since Nessus does not talk
IPSec.
Will there be any effort to develop Nessus communications so that
it too
will attempt to negotiate IPSec or fail back to clear channel? If
this
moves forward, what is the perceived impact to scan times when
considering a global enterprise consisting of multiple Oses?
The question you're asking is not really Nessus related, although it
does affect it -- it will depend on the configuration of the
underlying IPSsec API (ok, in terms of packet forgery Nessus will
also be affected a bit and we'll have to fix this).
We're going to test this setup and determine what can be done to help
the user configure his IP stack so that IPSec is used whenever possible.
-- Renaud
_______________________________________________
Nessus mailing list
[email protected]
http://mail.nessus.org/mailman/listinfo/nessus
