Hi Ron, Just a couple of things I noticed:
1) Try switching to a TCP scan instead of a SYN scan, it will be a little slower but may cause less problems with the firewall 2) Your max checks per host and max hosts per scan are set really high, this is likely the reason the firewall is spiking CPU. Try tuning these back (start with 5 hosts at a time and 10 checks per host). 3) Feel free to open a support ticket and the fine folks at Tenable support can assist you further. Thanks! Cheers, Paul On 7/21/11 12:02 PM, Ron Henry wrote: > This problem is probably due to my current gateway not being able to > keep up, but here goes. > > I'm scanning 10 or so /24s as part of a vuln assessment. I'm running > 4.4.1. The scan using the following scan policy, brings the ASA 5505 to > it's knees. CPU utilization goes to 98% and stays there until the device > eventually locks up. I'm honestly probably at the point where I just > need to move to beefier firewall, but I figured I would run it by you > guys first. > > There are no complicated firewall rules in place and threat detection is > disabled. > > > The scan policy can be viewed at > http://www.ciphermonk.net/photos/scan_policy.png > > Thanks for your help. > > - Ron Henry (dijital1) > > Website: http://www.ciphermonk.net <http://www.ciphermonk.net/> > <http://www.ciphermonk.net/>Email: [email protected] > <mailto:[email protected]> > Twitter: http://twitter.com/dijital1 > LinkedIn: http://www.linkedin.com/in/dijital1 > > %JMNU%521*-;UU -GbU- aUP > %JMNU%521*-A3FSP > %JMNU%521*-`4B-920-7BP > %JMNU%521*- 94i-C3-43P > %JMNU%521*-Bc2F-AR1C-AEBP > %JMNU%521*-e3+T-U26-DBGP > %JMNU%521*-bE41-KFF2-D232P > %JMNU%521*-3Bb}-4+}A-3VAP > > > > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com -- Paul Asadoorian PaulDotCom Enterprises Web: http://pauldotcom.com Phone: 401.829.9552 Fax: 1.877.846.2187 _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
