I have actually hit issues with scanning our hosts and what I have done is try
to categorize the different types of hosts based on what they run (both OS and
applications). Then create Scanning Policies that target the category of host
being scanned. Since we also have machines in AWS, our local DC and other
Cloud providers I have created slave scanners at the individual sites with a
Central manager scanner. This moves the scanning out closer to the host to be
scanned and does not flood our local network where the manager scanner is.
Louis
:::::
Louis Bohm - Sr. Systems Engineer
Dell TechDirect Certified
> On Mar 14, 2018, at 4:43 PM, Reindl Harald <h.rei...@thelounge.net> wrote:
>
>
>
> Am 14.03.2018 um 21:06 schrieb Eero Volotinen:
>> I usually prefer lower scan speed as too intensive can crash firewall
>> devices..
>
> if a security scan from a single node crashs your firewall device you should
> say "thank you" for konwing that this crap needs to be replaced ASAP
>
> real attackers don't care as you do
>
>> 14.3.2018 22.01 "TJ" <j...@twcny.rr.com <mailto:j...@twcny.rr.com>>
>> kirjoitti:
>> I would exclude networked printers as the scans can cause them to
>> produce volumes of printed gibberish (found out the hard way)
>> Yes, definitely scan during maintenance windows/non-business hours
>> until you see how well it plays in your environment. Not to mention
>> with less network traffic and systems activity, the scans should
>> finish a lot sooner
>> On 3/14/2018 3:53 PM, Peter Collins wrote:
>>> (Sorry if this is a repost. I had a technical issue with my first
>>> attempt)
>>>
>>> I would like to use OSSIM's OpenVAS component to run asset and
>>> vulnerability scans on both prod and non-prod. Like every place,
>>> we want to make sure the IT infrastructure is not harmed or
>>> jeopardized.
>>>
>>> So what is due care when introducing scanning? Should I do the
>>> asset scans only during maintenance windows to start off, to make
>>> sure nothing gets broken? Or are the non destructive, non
>>> authenticated scans considered safe enough to run during
>>> production hours, on production assets?
>>>
>>> I should add that Nessus has been used by an outside contractor
>>> without issue, on our network.
>>>
>>> Thanks so much in advance
> _______________________________________________
> Openvas-discuss mailing list
> Openvas-discuss@wald.intevation.org
> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
_______________________________________________
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
