On Mon, 2002-06-24 at 06:47, Darren Young wrote: > Where is the "best" logical/physical position for a Nessus scanning machine? > In front of, behind or beside (DMZ) the firewall? When it's behind the > firewall it generates quite a bit of noise with default "passthrough" DENY > and LOG rules. That's fine, I just want to be sure the firewall isn't > dropping something that the scanner needs. Perhaps in a DMZ with an "allow > everything out and established"?
All are correct. ;-) It depends on what your purpose is. Outside if you want to get a "hacker's view" on your network. Inside if you want to see what's actually on the machines, without being disturbed by the firewall. "What's the one solution that fits all" is usually a wrong question. ;-) -- Florin Andrei "You can get excited about just any subject if you study it enough. It's the deep knowledge that makes a topic interesting." - Larry McVoy
