'Re: nessus: MacOS scans, multi-user performance'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       nessus
Subject:    Re: nessus: MacOS scans, multi-user performance
From:       Renaud Deraison <deraison () cvs ! nessus ! org>
Date:       2000-10-31 19:37:52
[Download RAW message or body]

On Tue, Oct 31, 2000 at 11:39:49AM -0600, Mitchell Hagerty wrote:
> Hello,
> 	When I do a scan on a Mac (one sitting next to me) it takes about 45
> minutes where as a PC or UNIX box scan takes about 7 minutes. The
> results end up saying:
[...]
> why did it take 45 minutes to come up with that
> and are those the results I should expect?

Did you do a full blown scan, or did you run a restricted set of plugins
only ? what port range did you set up ? did you enable nmap scans ?

> 2nd,
> 	I've set a up nessusd host for a large group of people
> to access. How many simultaneous scans can I expect one nessusd 
> to handle (ex: dedicated machine FreeBSD/Athlon 500/128 Megs/10Base-T )? 
> What can I do to increase performance and number of users besides
> more hardware?

I can not give you any figure regarding the number of scans you can do
simultaneously. If you set up things that way :

	- prevent people from using the nmap wrapper (delete
	  nmap_wrapper.nes)

	- in nessusd.conf, have a limited number of threads (8), this
	  can't be overriden by users

	- have only nessusd running on your server

Then I would expect you to be able to scan ~50 hosts at the same time.
(I consider these as pessimistics figures, make that 75 - 100 and be
optimistic). Remember that nessusd users fork() that does copy-on-write,
and that few things are written over after the fork, so a lot of memory is
shared. (yes, RAM shortage is the biggest issue).

If you give 5 threads per user, that's 10  - 20 users at the same time.
[did I tell you that these were estimations]

What takes memory today are the nmaps launched by nmap_wrapper.nes 
(they take up to 10mb each, whereas the other typical nessus plugins
take 300 - 600kb each).


				-- Renaud

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic