RE: Nessus - open or closed source?

From: Juan Carlos Reyes Muñoz (jcreyes@etb.net.co)
Date: Sun Nov 06 2005 - 11:00:32 EST


Folks,

I am sure that if Nessus become closed source it will bring many other
efforts to maintain Nessus-clones open source, maybe with a better design.

The matter is, I really like Nessus, but recently it is becoming unpractical
if it keeps relying on the large and endless growing plug-in database....

Time to search for alternate tools!

Juan Carlos Reyes Muñoz
GIAC Certified Forensic Analyst - SANS Institute
____________________________________
Consultor en Seguridad Informática
Móvil: (57 311) 513 92 80
Bogotá - Colombia - South America
 
Miami Mailbox
1900 N.W. 97th Avenue
Suite No. 722-1971
Miami, FL 33172
____________________________________
 
Las opiniones expresadas en esta comunicación son enteramente personales. De
igual manera, esta comunicación y todos sus datos adjuntos pueden ser
confidenciales y exclusivamente para el destinatario. Si por algún motivo
recibe esta comunicación y usted NO es el destinatario, hágamelo saber
respondiendo a este correo y por favor destruya cualquier copia del mismo y
de los datos adjuntos. Por favor tambien trate de olvidar cualquier cosa que
haya leido en esta comunicación, excepto en esta parte. Está prohibido
cualquier uso inadecuado de esta información, así como la generación de
copias de este mensaje. Gracias.
 
The contents and thoughts included in this e-mail are completely personal.
This e-mail message and any attachments may be confidential and privileged.
If you are not the intended recipient, please notify me immediately by
replying to this message and please destroy all copies of this message and
attachments.Please also try to forget everything you have read that was
contained in this E-Mail message, except this part. Misuse, copying and
redistribution of this e-mail are forbidden. Thank you.

-----Mensaje original-----
De: Giancarlo Razzolini [mailto:linux-fan@onda.com.br]
Enviado el: Viernes, 04 de Noviembre de 2005 01:54 p.m.
Para: pen-test@securityfocus.com
Asunto: Re: Nessus - open or closed source?

Joachim Schipper wrote:
> On Fri, Nov 04, 2005 at 06:44:17PM +1100, Serg B. wrote:
>
>>Hi All,
>>
>>I don't recall where I read it, but... Something about Nessus going into
>>proprietry market and that future releases of the scanner will not be
>>available under GPL licence.
>>
>>Could someone confirm that or...?
>>
>> Serg
>
>
> If I'm not mistaken, it's Full-Disclosure you're thinking of.
>
> See
>
http://lists.grok.org.uk/pipermail/full-disclosure/2005-October/037863.html
> and the thread following it.
>
> Though the information in there could be more complete... search around.
>
> Joachim
>
>
----------------------------------------------------------------------------

--
> Audit your website security with Acunetix Web Vulnerability Scanner: 
> 
> Hackers are concentrating their efforts on attacking applications on your 
> website. Up to 75% of cyber attacks are launched on shopping carts, forms,
> login pages, dynamic content etc. Firewalls, SSL and locked-down servers
are 
> futile against web application hacking. Check your website for
vulnerabilities 
> to SQL injection, Cross site scripting and other web attacks before
hackers do! 
> Download Trial at:
> 
> http://www.securityfocus.com/sponsor/pen-test_050831
>
----------------------------------------------------------------------------
---
> 
> 
Right now the plugin feeds of the nessus are under the tenable license.
Only the client and the server are under GPL. The OpenVAS project is the
continuation of the gnessus project. It's a great loss for the security
guys that rely on nessus for making their pen tests. I hope that the
OpenVAS project does keep the same quality level of the nessus project.
-- 
Giancarlo Razzolini
Linux User 172199
Moleque Sem Conteudo Numero #002
Slackware Current
Snike Tecnologia em Informática
4386 2A6F FFD4 4D5F 5842  6EA0 7ABE BBAB 9C0E 6B85
------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 
Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------


This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:08 EDT