Penetration Testing mailing list archives
Re: Nessus, Harmful?
From: "Adrian Puente Z." <puenteadrian () gmail com>
Date: Mon, 11 Jan 2010 13:20:02 -0600
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 In my experience: Yes, it can be. You should tweak the settings based on the OS, cpu and nerwork load and services he is running. Some tests can be intrusive os can devour the CPU or the network. I have some experiencie killing servers with Nessus and it's not fun. You should try with the development enviroment first, and see what happens. bests, - -- Adrián Puente Z. [www.hackarandas.com] Donde las ideas se dispersan en bytes... "... ruego a mi orgullo que se acompañe siempre de mi prudencia, y si algún día mi prudencia se echara a volar, que al menos pueda volar junto con mi locura" --Nietzche Huella: FBD6 4C36 2557 C64C 1318 70A8 F561 CB6F 4E40 5AFB http://www.hackarandas.com/apuente_at_hackarandas.com.asc.gz lukasz () piatek pl wrote:
Hi. As long as I have been using Nessus (for about 7 years) I never noticed such problems. The truth is that Nessus can cause certain law related problems if used in inappropriate manner (certain in depth scans can trigger IDS/IPS alerts which may lead to prosecution -- you may be taken as a intruder). If you want to do it legally do not bother about any unintentional DoS. Regards, Łukasz Piątek http://blog.lukaszpiatek.com http://lukasz.piatek.pl http://ntsecurity.pl ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAktLed4ACgkQW2tF/eN2yfYZZwCfcqH6nGwAWfAiVbgUzHFEsFZl YvYAn0aMO4UwTkxsZqSya5tQ4e7KHGGA =ziBe -----END PGP SIGNATURE----- ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Re: Nessus, Harmful?, (continued)
- Re: Nessus, Harmful? John Jasen (Jan 28)
- RE: Nessus, Harmful? Genaro Liriano (Jan 28)
- Re: Nessus, Harmful? Jeremy Brown (Jan 28)
- Re: Nessus, Harmful? Adriel T. Desautels (Jan 28)
- RE: Nessus, Harmful? Genaro Liriano (Jan 28)
- Re: Nessus, Harmful? Shohn Trojacek (Jan 28)
- Re: Nessus, Harmful? Himanshu Goyal (Jan 28)
- Re: Nessus, Harmful? bugs (Jan 29)
- Re: Nessus, Harmful? rajat swarup (Jan 29)
- Re: Nessus, Harmful? Himanshu Goyal (Jan 28)
- Re: Nessus, Harmful? lukasz (Jan 11)
- Re: Nessus, Harmful? Edin Dizdarevic (Jan 11)
- Re: Nessus, Harmful? Adrian Puente Z. (Jan 11)
- Re: Nessus, Harmful? John Jasen (Jan 28)