Hi!

I have been performing vulnerability testing in large-scale enterprise for a while now and I have seen everything. To start with:

* If a system crashes, it is not caused by the scan; there is a DoS vulnerability found by the scanner.
* If a system acts unpredictably, it's a weakness found by the scanner.
* A robust piece of software MUST be able to survive a network scan, whatever the scanner does, except simply flooding the interface.

On the other hand, we see a lot of crap out there that does not act like this. The printers were already mentioned. Firewall devices may have performance issues when too many simultaneous sessions have to be handled.

My advice:

Be as accurate as possible with the scanning policy by categorising the targets as well as possible. Get the data from CMDBs or similar.

Test the policies on non-productive systems ahead of time.

Give the ops the red button to turn off the scan in an emergency instead of having them call you in the middle of the night.

Scan in off-peak times; this is not always the night or the weekend.

Happy scanning.

> On 14.03.2018 at 20:53, Peter Collins <jetcoll...@gmail.com> wrote:
>
> (Sorry if this is a repost. I had a technical issue with my first attempt)
>
> I would like to use OSSIM's OpenVAS component to run asset and vulnerability
> scans on both prod and non-prod. Like every place, we want to make sure the
> IT infrastructure is not harmed or jeopardized.
>
> So what is due care when introducing scanning? Should I do the asset scans
> only during maintenance windows to start off, to make sure nothing gets
> broken? Or are the non-destructive, non-authenticated scans considered safe
> enough to run during production hours, on production assets?
>
> I should add that Nessus has been used by an outside contractor without
> issue, on our network.
>
> Thanks so much in advance
>
> Peter
>
> _______________________________________________
> Openvas-discuss mailing list
> Openvas-discuss@wald.intevation.org
> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

--
Christoph Gruber
l...@guru.at
Patience is not the ability to wait, but to have a good attitude while waiting!
PGP-Key-ID: 11C558E8
PGP-Key-Fingerprint: BC67 4E98 9B2E 70F7 C24F A7B7 3ADD C4B4 11C5 58E8