Home page logo

pen-test logo Penetration Testing mailing list archives

Re: Nessus, Harmful?
From: Edin Dizdarevic <SecurityFocus () truesec de>
Date: Mon, 11 Jan 2010 20:05:11 +0100

Depends on how intensively you scan. Depends on which modules you use. Depends on many things.

So far it happened to me only once to crash a system because of an error in the network driver. I must admit it was using nmap. But nmap is a tool I would assume even less harmful.

It should not happen but it did so a residual risk is always there. But normally it should not harm anything unless you use it wrong way. I would not use any assessment tool on a production system in any case.


lukasz () piatek pl schrieb:

As long as I have been using Nessus (for about 7 years) I never
noticed such problems. The truth is that Nessus can cause certain law
related problems if used in inappropriate manner (certain in depth
scans can trigger IDS/IPS alerts which may lead to prosecution -- you
may be taken as a intruder). If you want to do it legally do not
bother about any unintentional DoS.


This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]