Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
293
Views
5
Helpful
1
Replies

MARS Vulnerability Assessment

slug420
Level 1
Level 1

‎05-14-2007 04:03 AM - edited ‎03-10-2019 03:36 AM

We tried turning on the VA capabilities of MARS and it appears that they were crashing a number of services on a number of servers.

Where can I get a log of what was scanned, what type of scan was performed, and when it was performed?

Also how can I see what event triggered a vulnerability scan?

Labels:
0 Helpful
1 Reply 1

pmccubbin
Level 5
Level 5

‎05-15-2007 09:27 AM

I've yet to use this feature of MARS on a production network. I can tell you what the book by Dale Tesch has to say about your question regarding the VA logs:

"Vulnerability data cannot be viewed in CS-MARS."

The book goes on to state, "CS-MARS does not do a full-blown VA on a target machine but it selects tests to run based on the traffic seen."

This doesn't appear to be a well documented feature of MARS. Hopefully Cisco will augment the literature on this subject. For now the VA process may simply fall under the category, as much of MARS does, of being proprietary information.

Hope this helps, Chris.

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card