--- Jason Haar <[EMAIL PROTECTED]> wrote: > George A. Theall wrote: > > >Which scanner(s) are you using and how are they configured? > >Understand that UDP port scans are *slow* -- scanning all > >possible UDP ports can take a day or more for a single > >target! Also, this is just a drawback of UDP scanning, not > >Nessus per se. Avoid it if at all possible. > > > How can you disable UDP scans altogether? I don't see a switch > for > that...? I've spent a lot of time optimizing our *tcp* port > ranges and > scan options, but still find Nessus runs off trying to do whole > suites > of UDP tests - like the snmp ones (this is for DMZ scans, so I'd > rather > enable all tests, but limit the ports). I know I can - by hand - > turn > such tests off, but I'd rather leave all tests enabled, specify > port > range, and configure Nessus not to runs tests if they don't > involve one > of the "live" ports. (I'm not scanning Class B's BTW ;-)
Check the box 'Consider unscanned ports as closed' under Scan Options (thanks Edgeos!); in the template, it's called 'unscanned_closed'. > It takes me days too. This isn't Nessus's fault, but when your > Network > Group decide to enable a /22 on the Internet and then only > "officially" > have two hosts on it, you still have to scan the entire /22 "just > in > case" someone has shoved another host on without reporting it. > :-( Or the client that says they only have 100 hosts in a /16 (^_^) Jon PGP Fingerprint: 1BB0 A946 927B 93C3 ED6A 0466 6692 6C2C 84BE 4122 "Should any political party attempt to abolish social security, unemployment insurance, and eliminate labor laws and farm programs, you would not hear of that party again in our political history. There is a tiny splinter group, of course, that believes you can do these things. Among them are [...] a few other Texas oil millionaires, and an occasional politician or business man from other areas. Their number is negligible and they are stupid." [1] -- Dwight D. Eisenhower, Former President of the USA (Republican), Nov. 8, 1954 [1] http://www.eisenhowermemorial.org/presidential-papers/first-term/documents/1147.cfm __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
