Hey, Are you guys doing scans via NMap, Nessus or some other tool? If NMap what other tool/scripts are you using to diff and datamind the data collected?
I'm looking to rolling out a similar daily task on my work network. BaconZombie On 30 March 2010 13:21, Albert R. Campa <[email protected]> wrote: > Id agree with the cred scanning during the day. I started tentatively, > but since doing it a few times, I have noticed no issues whatsoever on > desktop scans. > > > __________________________________ > Albert R. Campa > > > > On Mon, Mar 29, 2010 at 7:56 PM, Paul Asadoorian <[email protected]> > wrote: > > If you're scanning workstations I highly recommend credentialed > > scanning. There is little impact on the end-user workstations, and you > > get better results (less false positives, more information about the > > installed software, devices, etc..). > > > > We started doing this on some of our consulting engagements and are very > > happy with the results. It really gives you a good picture of the > > network, systems, and a snapshot of the security practices that exist > > (or not). > > > > Cheers, > > Paul > > > > On 3/29/10 8:26 PM, Michael Douglas wrote: > >> we scan our workstations during a few windows. > >> > >> Early in the morning (between 6-8:30 local) if they're running. > >> After the work day (between 6:30 - 9ish) if they're running. > >> If all else fails, we scan around lunchtime (11:30 - 1) We only use > >> this time as a fall back... this will impact users. > >> > >> > >> HTH, > >> - Mick > >> > >> > >> > >> On Mon, Mar 29, 2010 at 2:02 PM, Juan Cortes <[email protected]> > wrote: > >>> Guys, > >>> > >>> Sort of new to this, but is there a sort of industry standard time when > to > >>> scan. Basically this scan will be workstations and I would like to scan > them > >>> during the day since some users turn them off and I would like to get > away > >>> from bugging people to leave them on. Any suggestions? > >>> > >>> Thanks > >>> > >>> -- > >>> Juan C. Cortes > >>> Chicago, Il > >>> > >>> _______________________________________________ > >>> Pauldotcom mailing list > >>> [email protected] > >>> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > >>> Main Web Site: http://pauldotcom.com > >>> > >> _______________________________________________ > >> Pauldotcom mailing list > >> [email protected] > >> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > >> Main Web Site: http://pauldotcom.com > > > > -- > > Paul Asadoorian > > PaulDotCom Enterprises > > Web: http://pauldotcom.com > > Phone: 401.829.9552 > > _______________________________________________ > > Pauldotcom mailing list > > [email protected] > > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > > Main Web Site: http://pauldotcom.com > > > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com >
_______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
