On Thursday 21 August 2008 02:33:31 Jason Haar wrote: > So: which of the timeout options should I look at increasing? > "checks_read_timeout"?
This will affect all network connections. You should increase it on a slow WAN. Keep in mind that the value in nessusd.conf is only a default, and that it may be overridden by the client (from your .nessusrc or your Nessus XML policy). > "Services[entry]:Network connection timeout"? This only affects find_service.nasl. There is a second timeout (for read). Use the same value as checks_read_timeout or greater. You may also reduce the parallelism here. > What about "plugins_timeout"? What if it takes 4 minutes to completely > enumerate the services installed on the remote PC? Unless your machine is real slow, increasing it is not necessary. > Also, I am assuming this is a timeout problem. If you are running several scans on the same slow link, it may be overloaded. In that case, decrease the parallelism (max_checks & max_hosts). The TCP scan can kill a slow link. Reduce the port range if possible (e.g. use "default" rather than "1-65535") If you are using nessus_tcp_scanner, and if your machines are not firewalled, disable the "Firewall detection". You can also play with the hidden option nessus_tcp_scanner.micro_timeout; try setting it to 300 µs (in nessusd.conf or .nessusrc...) nessus_tcp_scanner.micro_timeout=300 _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
