Re: Nessus - open or closed source?

From: Jay D. Dyson (jdyson@treachery.net)
Date: Fri Nov 04 2005 - 11:03:04 EST

• Next message: Jason Thompson: "Re: Cisco Secret 5 and John Password Cracker"
• Previous message: Peter Wood: "Re: Spi's products worth a try? Or any suggestions for developers' tool?"
• In reply to: brandon.steili@gmail.com: "Re: Nessus - open or closed source?"
• Next in thread: Justin.Ross@signalsolutionsinc.com: "Re: Nessus - open or closed source?"
• Reply: Justin.Ross@signalsolutionsinc.com: "Re: Nessus - open or closed source?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Fri, 4 Nov 2005, brandon.steili@gmail.com wrote:

> Sounds about right. Here's a link:
> http://www.networkworld.com/news/2005/101305-nessus.html

Quoting from the article:

         "We want to bring Nessus to a larger audience, so
         Nessus 3.0 is going to be closed source, Gula said.
         If its not open source, a lot of government agencies
         and enterprises can use it, where before they wouldnt."

         This is absolute nonsense. Many government agencies and private
enterprises with clued IT security folks already use Nessus and have for
quite some time. In this move, all Tenable has ultimately done is pervert
Nessus into a latter-day ISS clone.

         This shift toward commercialized closed-source silliness renders
any use of Nessus untenable* in my book. I will no more recommend its
future use than I would ISS.

- -Jay

* - No pun intended.

    ( ( _______
    )) )) .-"There's always time for a good cup of coffee."-. >====<--.
  C|~~|C|~~| \------ Jay D. Dyson - jdyson@treachery.net ------/ | = |-'
   `--' `--' `------ Security through obscurity isn't. ------' `------'

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (TreacherOS)
Comment: See http://www.treachery.net/~jdyson/ for current keys.

iD8DBQFDa4ZAdHgnXUr6DdMRAnCuAKCKFtUvaEewRbuV/dm6BKRollYlegCgytYK
odWcfpRyZ/6ntr0yl7IWntE=
=VQpM
-----END PGP SIGNATURE-----

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

• Next message: Jason Thompson: "Re: Cisco Secret 5 and John Password Cracker"
• Previous message: Peter Wood: "Re: Spi's products worth a try? Or any suggestions for developers' tool?"
• In reply to: brandon.steili@gmail.com: "Re: Nessus - open or closed source?"
• Next in thread: Justin.Ross@signalsolutionsinc.com: "Re: Nessus - open or closed source?"
• Reply: Justin.Ross@signalsolutionsinc.com: "Re: Nessus - open or closed source?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:08 EDT