Is there a difference in running Nessus Windows on Windows Server (2003) versus Windows XP (Home & Pro)?
A. Yes. Microsoft has added changes to Windows XP Service Pack 2 (Home & Pro) that may impact the performance of Nessus Windows. The TCP/IP stack now limits the number of simultaneous incomplete outbound TCP connection attempts. After the limit is reached, subsequent connection attempts are put in a queue and will be resolved at a fixed rate (10 per second). If too many enter the queue, they may be dropped. See the following Microsoft TechNet page for more information: http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/sp2netwk.mspx This has the effect of causing a Nessus scan on Windows XP to potentially have false negatives as XP only allows for 10 new connections per second that are incomplete (in a SYN state). For better accuracy, it is recommended that Nessus on a Windows XP system have its port scan throttle setting down to the following, which is found in the individual scan configuration for each scan policy: Max number of hosts: 10 Max number of security checks: 4
A. Yes. Microsoft has added changes to Windows XP Service Pack 2 (Home & Pro) that may impact the performance of Nessus Windows and cause false negatives. The TCP/IP stack now limits the number of simultaneous incomplete outbound TCP connection attempts. After the limit is reached, subsequent connection attempts are put in a queue and will be resolved at a fixed rate (10 per second). If too many enter the queue, they may be dropped. See the following Microsoft TechNet page for more information: http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/sp2netwk.mspx This has the effect of causing a Nessus scan on Windows XP to potentially have false negatives as XP only allows for 10 new connections per second that are incomplete (in a SYN state). For better accuracy, it is recommended that Nessus on a Windows XP system have its port scan throttle setting down to the following which is found in the individual scan configuration for each scan policy: Max number of hosts: 10 Max numb
Related Questions
- Is it okay to use Windows XP Home, instead of Windows XP Professional, on a client in a Windows 2000 Server setup?
- Cannot use smart card credentials to logon when running Remote Desktop on Windows XP or Windows Server 2003?
- Is there a difference in running Nessus Windows on Windows Server (2003) versus Windows XP (Home & Pro)?
