I wouldn't scan through the firewall to audit systems on the other side. Move your scanner machine.
do you not want to enable safe checks? On Thu, Jul 21, 2011 at 11:02 AM, Ron Henry <[email protected]> wrote: > This problem is probably due to my current gateway not being able to keep > up, but here goes. > I'm scanning 10 or so /24s as part of a vuln assessment. I'm running 4.4.1. > The scan using the following scan policy, brings the ASA 5505 to it's knees. > CPU utilization goes to 98% and stays there until the device eventually > locks up. I'm honestly probably at the point where I just need to move to > beefier firewall, but I figured I would run it by you guys first. > There are no complicated firewall rules in place and threat detection is > disabled. > > The scan policy can be viewed at > http://www.ciphermonk.net/photos/scan_policy.png > Thanks for your help. > > - Ron Henry (dijital1) > > Website: http://www.ciphermonk.net > Email: [email protected] > Twitter: http://twitter.com/dijital1 > LinkedIn: http://www.linkedin.com/in/dijital1 > > %JMNU%521*-;UU -GbU- aUP > %JMNU%521*-A3FSP > %JMNU%521*-`4B-920-7BP > %JMNU%521*- 94i-C3-43P > %JMNU%521*-Bc2F-AR1C-AEBP > %JMNU%521*-e3+T-U26-DBGP > %JMNU%521*-bE41-KFF2-D232P > %JMNU%521*-3Bb}-4+}A-3VAP > > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com > _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
