Am 14.03.2018 um 21:06 schrieb Eero Volotinen:
I usually prefer lower scan speed as too intensive can crash firewall devices..
if a security scan from a single node crashs your firewall device you should say "thank you" for konwing that this crap needs to be replaced ASAP
real attackers don't care as you do
14.3.2018 22.01 "TJ" <j...@twcny.rr.com <mailto:j...@twcny.rr.com>> kirjoitti:I would exclude networked printers as the scans can cause them to produce volumes of printed gibberish (found out the hard way) Yes, definitely scan during maintenance windows/non-business hours until you see how well it plays in your environment. Not to mention with less network traffic and systems activity, the scans should finish a lot sooner On 3/14/2018 3:53 PM, Peter Collins wrote:(Sorry if this is a repost. I had a technical issue with my first attempt) I would like to use OSSIM's OpenVAS component to run asset and vulnerability scans on both prod and non-prod. Like every place, we want to make sure the IT infrastructure is not harmed or jeopardized. So what is due care when introducing scanning? Should I do the asset scans only during maintenance windows to start off, to make sure nothing gets broken? Or are the non destructive, non authenticated scans considered safe enough to run during production hours, on production assets? I should add that Nessus has been used by an outside contractor without issue, on our network. Thanks so much in advance
_______________________________________________ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
