Nessus 3.0 discussed
An anonymous reader writes "Nessus is one of the world's most popular (open source) vulnerability scanners, used in over 75,000 organizations world-wide. Many of the world's largest organizations are realizing significant cost savings by using Nessus to audit business-critical enterprise devices and applications. With the recent news of going closed source, Ron Gula took a few minutes to talk to SecurityFocus. From the article: 'I speak to a lot of different open source project managers and they say similar stuff -- it's mostly free users and not really code contributors.' What would happen now? Nessus 3 will provide an average 5x speed improvement compared to the old, but open source, 2.x version, and a lot of new features."
But are most users incorporating Nessus code or are they using Nessus as a standalone product?
I'd assume utilizing GPL'd software in a standalone fashion should have no bearing on your output, right?
They are looking to make money on their support of the product, which is a well established model.
And fully possible without closing the source. The name can be protected by trademark, and people will rather have the developers supporting it than someone else. Besides, there is no reason to assume it will continue to be free. Basically, it's no longer an OSS project, it's freeware given away by a business. Been there, in general rarely been happy with it. Expect NessusPlus for $$$ soon.
Live today, because you never know what tomorrow brings
It's unfortunate it went closed source versus a service-supported model, but in the real world, there's cheques to sign. If one group is doing the efforts and not being compensated, that's the cathedral model, and cathedrals have collection plates. Open source works best when users are developers. That also explains the state of most of the user interfaces on the more complicated projects. (sarcasm, but with a grain of truth)
Something else I've noticed is open source works well on widgets and shared components and APIs. Once the toolset becomes very focused and vertical in appeal, the model works less well - unless the users are also developers.
It will be interesting to see how the forked version works.
Smoothwall has done a good job with their approach. We'll see how it continues in the future.
..don't panic