Re: Scanning - anyone got ball park timings?

From: linux seaq (linuxat_private)
Date: Thu May 29 2003 - 15:33:53 PDT


    Some time ago "Pete Herzog" <peteat_private> (exactly on Thu, 29 May
    2003 22:55:03 +0200) wrote:
    
    > 
    > Rule of thumb for security testing enumeration-- straight out of
    > OSSTMM 2.5 RED--
    > 
    
    
    Hi, right now I'm doing a Nessus vuln scan with top20 on a ~3000 hosts /
    multiple subnets network (about 90 subnets), all of them about 1, max 2,
    hops from me.
    
    First I searched for online hosts, using nmap to scan for NetBIOS ports
    and web ports; it took 2-3 hours without OS fingerprinting (it was done
    several times in 2 weeks, so I could get a somewhat accurate map from the
    network). If I used OS fp it took from 6 to 10 hours to do the whole
    scan.
    
    
    Second I split the hosts detected by subnets (the most populated has
    about 200 hosts) and merged the subnets whose population was less than
    50 hosts (so I could get 100-200 blocks of IPs).
    
    Third I started nessusd (yesterday, to be accurate) and for the first
    subnet with 180 hosts it took about 3 hours (2 hops from me).
    
    But today the next subnet (same size/hops) is taking 7 hours..
    
    I'll send you the timings after the process is completed.. (well, I hope
    it would finish some day)
    
    
    Hope this helps
    
    ---
    
    Andres Mauricio Mujica
    SEAQ SERVICIOS CIA LTDA
    www.seaq.com.co
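
The batching step described in the message above, as an added example that is not part of the original post or the poster's own tooling. It assumes /24 subnets, reads "100-200 blocks" as batches capped at 200 hosts, merges small subnets greedily in address order, and uses constructed 10.0.x.x sample hosts; all function names are hypothetical.

```python
import ipaddress
from collections import defaultdict

def plan_batches(live_hosts, prefix=24, small=50, max_block=200):
    """Group live IPv4 hosts into scan batches.

    A subnet with at least `small` live hosts becomes its own batch.
    Smaller subnets are merged in address order; a merged batch is closed
    when adding the next subnet would push it past `max_block` hosts.
    Returns a list of (subnets, hosts) tuples.
    """
    by_subnet = defaultdict(set)          # set() drops duplicate sightings
    for host in live_hosts:
        addr = ipaddress.ip_address(host)
        net = ipaddress.ip_network(f"{addr}/{prefix}", strict=False)
        by_subnet[net].add(addr)

    batches, merged_nets, merged_hosts = [], [], []
    for net in sorted(by_subnet):
        hosts = sorted(by_subnet[net])
        if len(hosts) >= small:           # populated subnet: scan on its own
            batches.append(([net], hosts))
            continue
        if merged_hosts and len(merged_hosts) + len(hosts) > max_block:
            batches.append((merged_nets, merged_hosts))
            merged_nets, merged_hosts = [], []
        merged_nets = merged_nets + [net]
        merged_hosts = merged_hosts + hosts
    if merged_hosts:                      # leftover small subnets
        batches.append((merged_nets, merged_hosts))
    return batches

def sample_hosts():
    """Constructed discovery output: live-host count per /24 (not real data)."""
    counts = {"10.0.1": 180, "10.0.2": 30, "10.0.3": 45, "10.0.4": 40,
              "10.0.5": 200, "10.0.6": 49, "10.0.7": 48}
    return [f"{net}.{i}" for net, n in counts.items() for i in range(1, n + 1)]

if __name__ == "__main__":
    for nets, hosts in plan_batches(sample_hosts()):
        print(len(hosts), "hosts:", ", ".join(str(n) for n in nets))
```

The last merged batch can end up well under 100 hosts when the small subnets run out, as it does with the sample data.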
    
    This archive was generated by hypermail 2b30 : Thu May 29 2003 - 15:30:52 PDT