On Tue Oct 31 2006 at 20:45, Kelly, Jim wrote:
> Has anyone evaluated the appropriateness of using Nessus to scan
> mainframe computers?
Well... Mainframes usually run critical applications, so I never dared
to launch a full scan against one of those big beasts.
> I looked through the plugins and don't see any that seem
> particularly relevant.
Note that Nessus has many generic tests, but many of them are
dangerous and will be only enabled in unrestricted (not safe_checks)
mode.
If you can afford to crash the mainframe or some services (i.e. if you
are currently *not running production applications on it, just
testing), try to run a full Nessus scan:
- all 65K ports
- no safe checks
- enable experimental and thorough tests (in the "Prefs")
- test SSL on all ports
--
http://arboi.da.ru/ http://ma75.blogspot.com/
PGP key ID : 0x0BBABA91 - 0x1320924F0BBABA91
Fingerprint: 1048 B09B EEAF 20AA F645 2E1A 1320 924F 0BBA BA91
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
|