Re: Nessus 3.0 released

From: Renaud Deraison (deraison@nessus.org)
Date: Tue Dec 13 2005 - 15:54:55 EST

• Next message: Josh Perrymon: "RE: Nessus 3.0 released"
• Previous message: Venkat: "Nortel PeriphonicsScanner"
• In reply to: Erin Carroll: "Re: Nessus 3.0 released"
• Next in thread: Josh Perrymon: "RE: Nessus 3.0 released"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

On Dec 13, 2005, at 15:43, Erin Carroll wrote:

> One key performance issue I've run into (and I'm prbably not alone
> here)
> is the inability to easily manage the nessus server-side resource
> utilization when working with large numbers of hosts. While you can of
> course limit the number of consecutive scans, or even nice nessusd
> itself,
> there are many cases where the resource bottleneck is due to a
> particular
> plugin or a well filtered host (as you allude). Is there capability
> within
> the engine itself (or plans to implement) a way for nessusd to set
> resource limits that don't rely on variables like the # of scanned
> hosts/concurrent scan threads? I.e. nessus can use up to X %age of
> available memory/cpu/IO and self-throttle.

nessusd 3 throttles itself but only if the CPU is badly overloaded
('throttle_scan' in nessusd.conf). That is, if the CPU is overloaded
then the number of hosts scanned in parallel will go down, until the
load average is 'sane' again. However at the moment it's more a
safety belt than something which should be depended on -- basically
the 'sanity' of the load average directly depends on how many hosts
you wanted to test in the first place.

This kind of feature will be more suitable in Nessus 3.2 which will
be the 'part two' of our global optimization process.

In terms of max_checks, you should keep it to a reasonable value (ie:
4) -- anything too high is likely to interfere too much with the
remote host otherwise (think inetd closing ports on older Unices).

                                        -- Renaud

--
Renaud Deraison
http://www.nessus.org
http://www.tenablesecurity.com
------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 
Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

• Next message: Josh Perrymon: "RE: Nessus 3.0 released"
• Previous message: Venkat: "Nortel PeriphonicsScanner"
• In reply to: Erin Carroll: "Re: Nessus 3.0 released"
• Next in thread: Josh Perrymon: "RE: Nessus 3.0 released"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:16 EDT