Does Nessus scan a host for more than 6 hours normal?
Jesper S. Jensen
jesper.skou.jensen at uni-c.dk
Fri Aug 13 02:37:04 EDT 2004
Ruiyuan Jiang wrote:
> Is it normal to take more than 6 hours? Thanks in advance.
I would say yes, especially over a Internet connection, and even more if
there are routers on either end (the ones in between shouldn't be a
problem). Routeres tend to get aggressive (Cisco ISO term) when boxes
behind them are scanned, and then they start dropping packages =
nessus/nmap retries a bunch of times.
Even scans on lan can tage a long time. A few days ago I scanned 10
hosts on a 100Mbit LAN, with only a switch between the scanner and the
hosts. It took 3 hours or so! I know, it's 10 hosts and not just one,
but I've seen 1 host take serval hours as well on the same LAN. It all
depends on how the host handles the scan, if it drops packages or
responds right.
Btw. why did you scan 1-60000 ? Why not take all the ports, now that you
are most of the way anyways? 1-65535 would be a logical choice.
--
Jesper S. Jensen
Basisnet og Sikkerhed
Uni-C - Århus, Danmark
+45 8937-6666
More information about the Nessus
mailing list