Sunday, April 7, 2024

Vulnerability Management - Nessus on a Windows Server OS versus a Windows Desktop OS

Microsoft Windows desktop systems have network limitations that may impact the performance of Nessus. The TCP/IP stack limits the number of simultaneous incomplete outbound TCP connection attempts. After the limit is reached, subsequent connection attempts are put in a queue and will be resolved at a fixed rate (10 per second). If too many enter the queue, they may be dropped.


As a result, a Nessus scan run from a Windows desktop OS can produce false negatives. For better accuracy, it is recommended that Nessus on a Windows desktop OS have its port scan throttle settings lowered to the following values, which are found in the "Performance" setting type under General Settings of a new policy:

Max number of hosts: 10

Max number of security checks: 4

Max number of packets per second for a port scan: 50

For increased performance and scan reliability, it is highly recommended that Nessus Windows be installed on a server product from the Microsoft Windows family.
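The check below is an added example, not code from this post or from Tenable: it reads a policy export and reports any of the three Performance values that exceed the desktop ceilings listed above, but only when the scanner host is a Windows desktop OS. The `.nessus` XML layout and the three preference key names are assumptions about how those settings are stored, and the sample policy is constructed.

```python
import sys
import xml.etree.ElementTree as ET

# Ceilings the post recommends for Nessus on a Windows desktop OS.
# The keys are ASSUMED .nessus preference names for the three settings.
DESKTOP_LIMITS = {
    "max_hosts": 10,                                 # Max number of hosts
    "max_checks": 4,                                 # Max number of security checks
    "nessus_syn_scanner.global_throughput.max": 50,  # Max packets/s for a port scan
}
VER_NT_WORKSTATION = 1  # Windows product_type: 1 desktop, 2 domain controller, 3 server

# Constructed sample policy export (not taken from a real scanner).
SAMPLE_POLICY = """<NessusClientData_v2><Policy><Preferences><ServerPreferences>
<preference><name>max_hosts</name><value>30</value></preference>
<preference><name>max_checks</name><value>4</value></preference>
</ServerPreferences></Preferences></Policy></NessusClientData_v2>"""


def scanner_is_desktop(product_type=None):
    """True when the scanner host runs a Windows desktop (workstation) OS."""
    if product_type is None:
        getver = getattr(sys, "getwindowsversion", None)  # only exists on Windows
        if getver is None:
            return False
        product_type = getver().product_type
    return product_type == VER_NT_WORKSTATION


def audit_policy(xml_text, product_type=None):
    """Return (setting, configured, ceiling) for each value not within the ceiling."""
    if not scanner_is_desktop(product_type):
        return []  # server OS: the desktop ceilings do not apply
    prefs = {p.findtext("name"): (p.findtext("value") or "").strip()
             for p in ET.fromstring(xml_text).iter("preference")}
    findings = []
    for key, ceiling in DESKTOP_LIMITS.items():
        raw = prefs.get(key)
        # Missing or non-numeric values cannot be confirmed as throttled: flag them.
        if raw is None or not raw.isdigit() or int(raw) > ceiling:
            findings.append((key, raw, ceiling))
    return findings


if __name__ == "__main__":
    for setting, configured, ceiling in audit_policy(SAMPLE_POLICY, VER_NT_WORKSTATION):
        print(f"{setting}: configured={configured!r}, lower to <= {ceiling}")
```

Run it on the scanner host with the policy file's contents passed to `audit_policy`; leaving `product_type` unset makes it read the OS type from the local machine.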

Please refer to the URL below for more details:
https://www.tenable.com/products/nessus/nessus-faq

Happy Learning
#vulnerabilitymanagement #cybersecurity
