We don't track or publish such a list at Tenable. Any type of port scanning and service fingerprinting can have impact on poorly written or deployed software. If we do become aware of an issue and can make Nessus have less of an impact we do try that strategy.
However, rather than building an exclusion list, I'd strongly suggest that you consider patch auditing with Nessus. Nessus can perform a full patch audit of hosts you have credentialed access for. If your organization is concerned about any negative impact for scanning, you should consider Tenable's Passive Vulnerability Scanner product which sniffs network traffic to discover vulnerabilities. Ron Gula, CTO Tenable Network Security Chambers, Daryl [HDS] wrote: > Is there a list of software packages that have been known to have > problems with Nessus scans? I am trying to develop an exclusion list > for my company. > > Thanks, > > Daryl L. Chambers Jr. > Security Audit Analyst > Desk 407.822.2939 > Cell 407.401.0775 > > One Team Driving Customer Success and Shareholder Value > > _______________________________________________ > Nessus mailing list > [email protected] > http://mail.nessus.org/mailman/listinfo/nessus > _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
