Ben To share some of my experiences, you may want to consider server and network performance tuning issues in addition to Nessus's performance. If you're looking for larger performance requirements, you may want to consider the usual suspects: disk io, memory, and CPU. Before I start adding servers, I like to make sure I'm getting every cycle's worth for my penny. I've also had good experience using a separate disk sub-system for logging intensive applications. (A separate controller and disk used for /var, or whatever). Keep in mind the old saying, "Security, performance, cost - pick two". A word of caution, I've seen many administrators, including myself, make too many changes or too big of a change, and cause performance to degrade in other applications or parts of the system. And, be careful of any firewalls or proxies you may be traversing when running these tests with a well-tuned machine. Without realizing, I've chewed up too many connections over a firewall and...well that's another story (lesson). As far as tuning Nessus, keep in mind the checks_read_timeout setting, which is 15 seconds by default. You may want to lower this if you are on a local network, but be careful it could cause false positives. Check your /usr/local/etc/nessus/nessusd.conf for current parameters. Here's a few links I've found useful for performance related info: http://www.geocities.com/techdirectory/performance.html http://secinf.net/info/unix/ip-stack-tuning.html Good luck and have fun, Vince Maes vinceat_private -----Original Message----- From: Kevin Clarke [mailto:kclarkeat_private] Sent: Friday, July 19, 2002 7:32 AM To: PEN-TESTat_private; falconat_private Subject: Re: how many clients per server w/ nessus? Ben I have set-up Nessus before with 5 concurrent clients and it seemed to work fine. The scanning took a while but I think this was because of the limited bandwidth I had access to at the time, rather than the power of the Server (Redhat, P3, 128MB RAM). Kevin ----- Original Message ----- From: <falconat_private> To: <PEN-TESTat_private> Sent: Thursday, July 18, 2002 7:37 PM Subject: how many clients per server w/ nessus? > Greetings, > > Has anybody ever setup a central nessus server to be > used with multiple, simultaneous clients? Any idea > what the safe max per server is in terms of # clients > and # scanning threads (ie: target IPs/hosts)? I'm > interested in setting up a central server with the > ability to scan 50-100 confirmed hosts simultaneous > from 5-10 unique clients and am wondering if 1 server > can handle this, or if I'll need to setup multiple > servers. > > Thanks much! > > -ben > > --------------------------------------- > Benjamin Tomhave > falconat_private > http://falcon.cybersecret.com/ > > -------------------------------------------------------------------------- -- > This list is provided by the SecurityFocus Security Intelligence Alert (SIA) > Service. For more information on SecurityFocus' SIA service which > automatically alerts you to the latest security vulnerabilities please see: > https://alerts.securityfocus.com/ > ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/ ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Fri Jul 19 2002 - 11:42:28 PDT