Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

MARS Vulnerability Assessment

We tried turning on the VA capabilities of MARS and it appears that they were crashing a number of services on a number of servers.

Where can I get a log of what was scanned, what type of scan was performed, and when it was performed?

Also how can I see what event triggered a vulnerability scan?


Re: MARS Vulnerability Assessment

I've yet to use this feature of MARS on a production network. I can tell you what the book by Dale Tesch has to say about your question regarding the VA logs:

"Vulnerability data cannot be viewed in CS-MARS."

The book goes on to state, "CS-MARS does not do a full-blown VA on a target machine but it selects tests to run based on the traffic seen."

This doesn't appear to be a well documented feature of MARS. Hopefully Cisco will augment the literature on this subject. For now the VA process may simply fall under the category, as much of MARS does, of being proprietary information.

Hope this helps, Chris.