lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
From: foofus at foofus.net (Mr. Rufus Faloofus)
Subject: Nessus experience

Greetings, full-disclosure!

>From time to time I find myself needing to estimate the time it takes
to run Nessus against various network ranges.  For some reason, it 
always seems to take longer than I expect, and I'm wondering if:

  1: I am doing something wrong (this is always a possibility)
  2: Nessus has been getting slower over time 

Specifically, with two laptops (each with 2GHz processor, and upwards
of 600MB RAM), I recently tried to scan a range of two class C-size
networks, to which I was directly connected via Ethernet.  I had already 
done full nmaps of the hosts (this took about an hour), so I was not
running nmap from within Nessus.  I found that after over three hours, 
I had only been able to complete tests on 90-something hosts.

This strikes me as unreasonably slow, for bulk automated testing, so
first, I'd like to ask if these performance metrics are in line with
others' experiences.  I'd also solicit any hints people might have
to offer on how they optimize performance, any rules of thumb anyone
might care to share about estimating times for Nessus runs.

Thanks, in advance, to all helpful replies.

--Foofus.



Powered by blists - more mailing lists