MARS Built-in tools

Unanswered Question
Jan 18th, 2009

i heared that mars has built-in scanning tools (Nessus, NMAP), but how the steps to enable this tools to work on resulting incidents

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
Loading.

Nessus is built-in, hence functional by default. All you got to do is add the devices, use built-in rules which trigger incidents when matched by particualr events/sessions. You don't need to enable/disable these tools as the most recent upgrade of MARS contains most recent signatures/rules for the scanning tools.

regards,

Mohsin

davidcruise Thu, 01/22/2009 - 02:13

well , but for any incident how do i know that nessus or nmap has run a scan during this incident & how can i see the output of the scan

davidcruise Thu, 01/22/2009 - 12:01

you mean that the scan happens in the background but no means to see that scan happened for specific host?

the second issue: if i added third party VA tool like Mcafee founstone , is there any mean to knoe the scans happened & its content & result

Actions

This Discussion