Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. Nessus>
  3. users
One Scanner Multiple Clients
gravule at gmail
Aug 6, 2008, 6:25 AM
Post #1 of 5 (1921 views)
Permalink
All,

I am looking at having three nessus clients connected to one scanner
running simultaneously (credentialed scan). However, My concern is the
scanner will move like molasses or keel over. The Linux scanner has a
Pentium 1.4GHz processor, 512K cache and 1.2Gs of memory.

If anyone has done this, I am interested in your experience and suggestions

VR,
Kareem
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
Re: One Scanner Multiple Clients [ In reply to ]
rgula at tenablesecurity
Aug 6, 2008, 6:50 AM
Post #2 of 5 (1877 views)
Permalink
Kareem Beasley wrote:
> All,
>
> I am looking at having three nessus clients connected to one scanner
> running simultaneously (credentialed scan). However, My concern is the
> scanner will move like molasses or keel over. The Linux scanner has a
> Pentium 1.4GHz processor, 512K cache and 1.2Gs of memory.
>
> If anyone has done this, I am interested in your experience and suggestions


Hi there,

From the Nessus scanner's point of view, your concern should be what
the maximum number of systems that can be scanned at one time. The
settings "number of hosts in parallel" and "number of checks in
parallel" should be where you make your optimizations. If you
had one scan that did 30 hosts in parallel with 10 checks in
parallel, this would be similar to three scans occurring at the
same time which only did 10 hosts in parallel.

If you look at this blog entry:
http://blog.tenablesecurity.com/2007/01/optimizing_ente.html

and pay close attention to the output of plugin #19506
http://www.nessus.org/plugins/index.php?view=single&id=19506

you can see which hosts are taking a long time to scan and perhaps
minimize your scan time.

Also, during the scan, if you watch CPU and memory usage, you might
be able to figure out if your scans are being too aggressive. If
you have too many scans competing for resources, you might get
faster overall performance by lowering your total number of scans
occurring at the same time.

Ron Gula
Tenable Network Security


_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
RE: One Scanner Multiple Clients [ In reply to ]
Jeff.C.Mercer at usps
Aug 6, 2008, 7:05 AM
Post #3 of 5 (1880 views)
Permalink
It all depends on how many targets your hitting per scan, and how those
individual scan sessions are configured. If the sessions are set to a
low number of simultaneous hosts and checks, you can easily have 6 scans
running at once. But of course they will take longer to complete.

You didn't indicate what level Pentium processor you have, but it
doesn't sound like this is the workhorse you want for multiple
silmultaneous scans. A multi-processor system with a lot of RAM and
multiple NICs would be better.

--------
Jeff Mercer - CISO - Security Vulnerability Assessments


>-----Original Message-----
>From: nessus-bounces@list.nessus.org
>[mailto:nessus-bounces@list.nessus.org] On Behalf Of Kareem Beasley
>Sent: Wednesday, August 06, 2008 9:26 AM
>To: nessus@list.nessus.org
>Subject: One Scanner Multiple Clients
>
>All,
>
>I am looking at having three nessus clients connected to one scanner
>running simultaneously (credentialed scan). However, My concern is the
>scanner will move like molasses or keel over. The Linux scanner has a
>Pentium 1.4GHz processor, 512K cache and 1.2Gs of memory.
>
>If anyone has done this, I am interested in your experience
>and suggestions
>
>VR,
>Kareem
>_______________________________________________
>Nessus mailing list
>Nessus@list.nessus.org
>http://mail.nessus.org/mailman/listinfo/nessus
>
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
Re: One Scanner Multiple Clients [ In reply to ]
raleel at gmail
Aug 6, 2008, 7:06 AM
Post #4 of 5 (1883 views)
Permalink
well, it should work alright, as I've had multiple people hooked up to my
scanners (p4 2.4Ghz) and it works. What grade of pentium is your scanner?
It also is highly dependent on the level of the scan you are running and how
much stuff is turned on. Without that info, it's hard to say. Credentialed
scans, in my experience, are pretty light on the scanner. Some of the scans
themselves (particularly on unix) are very intensive on the client.

On Wed, Aug 6, 2008 at 6:25 AM, Kareem Beasley <gravule@gmail.com> wrote:

> All,
>
> I am looking at having three nessus clients connected to one scanner
> running simultaneously (credentialed scan). However, My concern is the
> scanner will move like molasses or keel over. The Linux scanner has a
> Pentium 1.4GHz processor, 512K cache and 1.2Gs of memory.
>
> If anyone has done this, I am interested in your experience and suggestions
>
> VR,
> Kareem
> _______________________________________________
> Nessus mailing list
> Nessus@list.nessus.org
> http://mail.nessus.org/mailman/listinfo/nessus
>



--
Doug Nordwall
Unix, Network, and Security Administrator
You mean the vision is subject to low subscription rates?!!? - Scott Stone,
on MMORPGs
Re: One Scanner Multiple Clients [ In reply to ]
gravule at gmail
Aug 6, 2008, 10:53 AM
Post #5 of 5 (1869 views)
Permalink
Currently my policy is configured with the number of hosts in parallel
is 20 with 5 checks. I am running 3 clients simultaneously so I am
thinking of changing the policy to the number of hosts in parallel is
6 with 10 checks. Also I will monitor the CPU and memory utilization.

I am scanning around 800 windows servers
Pentium 3
Safe checks= on
Log details of the scan on the server=on
Nessus TCP scanner=on
Ping the remote host= on

Thanks for your feedback!

VR,
Kareem

On Wed, Aug 6, 2008 at 9:50 AM, Ron Gula <rgula@tenablesecurity.com> wrote:
> Kareem Beasley wrote:
>> All,
>>
>> I am looking at having three nessus clients connected to one scanner
>> running simultaneously (credentialed scan). However, My concern is the
>> scanner will move like molasses or keel over. The Linux scanner has a
>> Pentium 1.4GHz processor, 512K cache and 1.2Gs of memory.
>>
>> If anyone has done this, I am interested in your experience and suggestions
>
>
> Hi there,
>
> From the Nessus scanner's point of view, your concern should be what
> the maximum number of systems that can be scanned at one time. The
> settings "number of hosts in parallel" and "number of checks in
> parallel" should be where you make your optimizations. If you
> had one scan that did 30 hosts in parallel with 10 checks in
> parallel, this would be similar to three scans occurring at the
> same time which only did 10 hosts in parallel.
>
> If you look at this blog entry:
> http://blog.tenablesecurity.com/2007/01/optimizing_ente.html
>
> and pay close attention to the output of plugin #19506
> http://www.nessus.org/plugins/index.php?view=single&id=19506
>
> you can see which hosts are taking a long time to scan and perhaps
> minimize your scan time.
>
> Also, during the scan, if you watch CPU and memory usage, you might
> be able to figure out if your scans are being too aggressive. If
> you have too many scans competing for resources, you might get
> faster overall performance by lowering your total number of scans
> occurring at the same time.
>
> Ron Gula
> Tenable Network Security
>
>
> _______________________________________________
> Nessus mailing list
> Nessus@list.nessus.org
> http://mail.nessus.org/mailman/listinfo/nessus
>
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal