I would exclude networked printers as the scans can cause them to
produce volumes of printed gibberish (found out the hard way)
Yes, definitely scan during maintenance windows/non-business hours until
you see how well it plays in your environment. Not to mention with less
network traffic and systems activity, the scans should finish a lot sooner
On 3/14/2018 3:53 PM, Peter Collins wrote:
(Sorry if this is a repost. I had a technical issue with my first attempt)
I would like to use OSSIM's OpenVAS component to run asset and
vulnerability scans on both prod and non-prod. Like every place, we
want to make sure the IT infrastructure is not harmed or jeopardized.
So what is due care when introducing scanning? Should I do the asset
scans only during maintenance windows to start off, to make sure
nothing gets broken? Or are the non destructive, non authenticated
scans considered safe enough to run during production hours, on
production assets?
I should add that Nessus has been used by an outside contractor
without issue, on our network.
Thanks so much in advance
Peter
_______________________________________________
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
_______________________________________________
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss