July 28th, 2003, 02:07 PM
I have been doing an internal audit of our network.
I have used, among others, Nessus to scan our servers which resulted in the servers crashing. We run Novell NetWare 5.60.03. EVERY server crashed during the tests and I would love to know why and if this behavior is patchable.
Does anyone know any details about this type of problems?
July 28th, 2003, 03:27 PM
I'm not sure but Nessus should be the one to tell you this. That's the whole point of the vulnerability scan.
Try to scan using less options/tests to see which of the tests crashes your server. Then look at the type of test that does crash your server. With this info it should be easier to find out if there are any patches/updates for it.
Experience is something you don't get until just after you need it.
July 28th, 2003, 06:43 PM
I've had this happen too, and if I recall, it is the IIS probing that crashes them. You can try removing that portion of the penetration test just to keep your servers up during your scan. As far as a patch goes, I don't know. None of my NetWare servers are available externally, so I didn't figure there was much need to patch against IIS exploits. Piss poor security, I know, however, we're waaaaaaaaay understaffed and have to prioritize.
July 28th, 2003, 08:57 PM
Ok, thanks for your help. If I find anything out I will be certain to let you know about.
Thanks again :-)
July 28th, 2003, 10:39 PM
Are you enabling all "non-DOS" plugins when you are performing your scans?
This is usually a good idea when scanning production systems
[glowpurple]There were so many fewer questions when the stars where still just the holes to heaven - JJ[/glowpurple] [gloworange]I sure could use a vacation from this bull$hit, three ringed circus side show of freaks. - Tool. [/gloworange]