Nessus and advices when using it

  • zillah
  • Student
  • Student
  • zillah
  • Posts: 77

Post 3+ Months Ago

I am planning to use Nessus (installed on Desktop) at work (production devices)

1- Is there any difference between Nusse Linux platform and Windows Platform ?
2- Is it a good idea to use more than one monitoring tools on different PCs, like Nusses on one PC and SolarWinds on other PC or ?
3- Does using Nusses (Linux or windows) affect any network devices (Cisco devices, hp servers, etc )
4- Is it necessary the PC which has got Nessus installed on it, to join AD domain ?
  • Infrastruct
  • Newbie
  • Newbie
  • Infrastruct
  • Posts: 13

Post 3+ Months Ago

Quote:
1- Is there any difference between Nusse Linux platform and Windows Platform ?

Not so much, but I would definitely run it on a Linux platform because windows machines are more likely to get compromised. Keep in mind that Nessus and any systems intrusion utility produces data that's going to be very valuable to hackers so you want Nessus living on a secure machine.

Quote:
2- Is it a good idea to use more than one monitoring tools on different PCs, like Nusses on one PC and SolarWinds on other PC or ?

Nessus is about tops. If you want to do that, though, it's not going to hurt anything.

Quote:
3- Does using Nusses (Linux or windows) affect any network devices (Cisco devices, hp servers, etc )
No. It may ring security bells though, especially on routers, so make sure that the people administrating your routers know what's going on.

Quote:
4- Is it necessary the PC which has got Nessus installed on it, to join AD domain ?

That's kind of a large question.

The Nessus box has to have access to the subnet that you're scanning. It doesn't care about windows domains, it just needs to be able to ping the servers that you're hitting with it.
  • zillah
  • Student
  • Student
  • zillah
  • Posts: 77

Post 3+ Months Ago

Quote:
No. It may ring security bells though,

What I have read :
Nessus being a vulnerability scanner is designed to find things that are exploitable and as such Nessus is capable of performing some tests that are not 'safe' that could possibly cause a dos condition, a service to crash, etc..
  • Infrastruct
  • Newbie
  • Newbie
  • Infrastruct
  • Posts: 13

Post 3+ Months Ago

Well, that's true, it does try to detect for vulnerabilities to things like large packets. But if your Ciscos etc are anywhere close to modern firmware it's not going to be a problem. Most of these DDOS attacks that work that way have been hardened out by now.

But there's an option to turn off the aggressive scan.

That's kind of the price of finding out whether your systems are vulnerable to that sort of attack, unless you want to check the versions of every piece of software and service running on the machine.
  • zillah
  • Student
  • Student
  • zillah
  • Posts: 77

Post 3+ Months Ago

Quote:
But if your Ciscos etc are anywhere close to modern firmware it's not going to be a problem. Most of these DDOS attacks that work that way have been

Is there any realtion between modern fireware and DOS attacks ?


Quote:
But there's an option to turn off the aggressive scan.

Yes you are right .


At work we have got different applications run , how can we check the security issue (application security assessment and compliance solutions) for these online applications.

Since Nessus is powerful tool to scan for vulnerability issues, does Nessus capable to do that ?
  • Infrastruct
  • Newbie
  • Newbie
  • Infrastruct
  • Posts: 13

Post 3+ Months Ago

Quote:
Is there any realtion between modern fireware and DOS attacks ?

You mean firmware? Well, it depends on the DDOS attack but in the mid 90s to 2001 or so there was Cisco and other networking firmware that was getting hit and taken down by certain ddos attacks like specially crafted packets to port 239.

I was an analyst in that timeframe for a company that manufactures network muxes and other things and it was a huge problem.

The problem was, to know if you had vulnerable devices, you pretty much had to hit them and find out if they fell over.

That's all fixed now.

It's quite unlikely that even the aggressive Nessus scan is going to do any damage, but to be safe you should probably turn off the option and probe those sources one by one and manually with something like nmap.

Post Information

  • Total Posts in this topic: 6 posts
  • Users browsing this forum: No registered users and 53 guests
  • You cannot post new topics in this forum
  • You cannot reply to topics in this forum
  • You cannot edit your posts in this forum
  • You cannot delete your posts in this forum
  • You cannot post attachments in this forum
 
 

© 1998-2014. Ozzu® is a registered trademark of Unmelted, LLC.