The top-level page has a Block Unscanned Hosts checkbox, which defines the behavior
for a host that has not been scanned or is not defined to be scanned.
The Simultaneous Probes setting specifies the maximum number of different hosts that
should be scanned together.
The Minimum Inter Probe Delay specifies a minimum number of seconds between
scans of a single host. It also specifies the maximum time for changes to take effect.
In addition to enforcing the services aspect of security groups, it is possible to include a
number of NASL (Nessus Attack Scripting Language) scripts in /etc/config on the unit and
to define some or all of these to be run against the target hosts. Typically, one would use
attack scripts from the Nessus suite to scan for specific vulnerabilities and exploits on a
host. If any script detects such a vulnerability, Internet access is again blocked. The list of
available scripts is automatically populated from the files ending with .nasl in /etc/config.
Security groups may overlap with respect to hosts within them. In this case, a single
allow service overrides any number of denies of that same service. However, NASL
scripts and overlapping groups do not interoperate particularly well, and the
combination should be avoided.
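The overlap rule above can be checked offline before groups are entered on the unit. The following is an added example, not code from the manual or the product: the dictionary layout, group names, addresses and script name are constructed and hypothetical, and do not reflect the unit's configuration format.

```python
from itertools import combinations

# Constructed sample data; the dictionary layout is hypothetical and is not
# the unit's configuration format.
GROUPS = {
    "workstations": {
        "hosts": {"192.0.2.10", "192.0.2.11"},
        "services": {"ssh": "deny", "http": "deny"},
        "nasl": [],
    },
    "admins": {
        "hosts": {"192.0.2.11", "192.0.2.20"},
        "services": {"ssh": "allow"},
        "nasl": ["example_check.nasl"],
    },
}


def effective_services(host, groups):
    """Merge service rules for one host: one allow beats any number of denies."""
    result = {}
    for group in groups.values():
        if host not in group["hosts"]:
            continue
        for service, action in group["services"].items():
            # Never let a deny replace an allow already recorded for the service.
            if action == "allow" or result.get(service) != "allow":
                result[service] = action
    return result


def overlap_warnings(groups):
    """List hosts shared by two groups where either group runs NASL scripts."""
    warnings = []
    for (name_a, a), (name_b, b) in combinations(sorted(groups.items()), 2):
        shared = a["hosts"] & b["hosts"]
        if shared and (a["nasl"] or b["nasl"]):
            warnings.extend((host, name_a, name_b) for host in sorted(shared))
    return warnings


if __name__ == "__main__":
    for host in sorted(set().union(*(g["hosts"] for g in GROUPS.values()))):
        print(host, effective_services(host, GROUPS))
    for host, a, b in overlap_warnings(GROUPS):
        print(f"review: {host} is in both {a} and {b}, and NASL scripts are assigned")
```

A host reported by overlap_warnings sits in the combination the manual advises against, so move it into a single group or drop the scripts from one of the groups.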