[Openvas-discuss] Scanning a whole net?

Thomas Reinke lists at securityspace.com
Mon Aug 8 02:59:31 CEST 2011

As an FYI, you should be able to, without excessive extra load on the
server, up the number of max_checks run concurrently per IP without
significant increase in memory on the server running the check.

Increasing concurrent hosts, for each IP, adds a non-trivial overhead
in memory to the system - that's the big hit. If you want to increase
one of these on a memory constrained system, go for an increase in
max_checks before increase in max_hosts.

If you DO increase the max_checks, be careful, because at somepoint,
the scanner may start loading the scanned server to the point where
reliability may suffer.


Roy Sigurd Karlsbakk wrote:
>>> - Any idea how I can get rid of this?
>> Try restart the Manager.
> Tried that, no luck, but I resorted to removing the entry from the database (/var/lib/openvas/mgr/tasks.db). Hope that doesn't break anything...
>>> - Is there a way to limit parallel checks to a certain amount of
>>> hosts,
>>> or should I split up the network for checks from this rather antique
>>> box?
>> My netbook with 1GB struggles to run the full set of OpenVAS
>> components
>> reliably.
>> The Scanner preferences max_hosts and max_checks control the number of
>> concurrent hosts and NVTs.
> I found out, after some trial and error. Had to create openvassd.conf - it wasn't there and the values in openvasd.conf didn't change anything. Running now with rather low values for those, and it seems the server can handle it.
> Thanks a bunch
> roy
> --
> Roy Sigurd Karlsbakk
> (+47) 97542685
> roy at karlsbakk.net
> http://blogg.karlsbakk.net/
> --
> I all pedagogikk er det essensielt at pensum presenteres intelligibelt. Det er et elementært imperativ for alle pedagoger å unngå eksessiv anvendelse av idiomer med fremmed opprinnelse. I de fleste tilfeller eksisterer adekvate og relevante synonymer på norsk.
> _______________________________________________
> Openvas-discuss mailing list
> Openvas-discuss at wald.intevation.org
> http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss

More information about the Openvas-discuss mailing list