Hi there We run daily 'lite' scans against our LANs, and it appears some of the Nessus tests are triggering a fault on the DCs (since Nov) - causing them to reject basically all AD requests for a few minutes while they recover.
The DCs report: RPC server is too busy to complete this operation The 'lite' scan we run is primarily looking for missing MS patches, but definitely has "disable dangerous rules" enabled - and yet appears to be causing this. (i.e. we run it at 2pm local time and between 2-3pm is when the problem occurs, and when we turn the scanner off for a few days the problem goes away) These DCs are Win2K3-SP1 (not SP2) and are patched up to Oct 2007. Could it be some rule changes since then in Nessus are causing a fault, and if so, should they be flagged "dangerous" so that they are disabled? This is with nessus-3.0.6 under RHE4 -- Cheers Jason Haar Information Security Manager, Trimble Navigation Ltd. Phone: +64 3 9635 377 Fax: +64 3 9635 417 PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1 _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
