Slashdot Mirror

← Back to Stories (view on slashdot.org)

Nessus 3.0 Released

Posted by ScuttleMonkey on from the now-vulnerable-to-consumer-aquisition dept.

duplo1 writes Tenable Security has announced the release of Nessus 3.0. Nessus is an enterprise level vulnerability scanner and this new version brings a complete rewrite of the Nessus engine redesigned for increased speed and efficiency running on the average, twice as fast as Nessus 2. From the release: "In addition to gaining dramatic improvements in performance, Tenable also provides an optional Direct Feed subscription service for Nessus 3.0 which provides immediate access to new vulnerability checks and entitles Nessus 3.0 users to commercial support from Tenable. The Tenable Plugins include support for a rating methodology called Common Vulnerability Scoring System (CVSS) that can be used to express the criticality of a discovered vulnerability or threat."

4 of 108 comments (clear)

  1. There's also the itsy bitsy license change... by Anonymous Coward · · Score: 5, Informative

    You know, not GPL anymore. Did that escape you while writing the ad?

  2. Re:Nessus 3 no longer GPL by barefootgenius · · Score: 5, Informative

    It has forked though. Here's their DokuWiki link

    http://www.openvas.org/doku.php?id=

    --
    /. bug #926803 - Why I can post.
  3. Yeah, but there's also... by hug_the_penguin · · Score: 5, Interesting
    ...the fact it's majorly improved. Of the people here, most of them won't care that it's closed source, purely because of the reason they closed the source. If it hadn't been for rebranding issues, (IMO a fault with the GPL), nessus would still be open source. It's still the best there is, people will still use it.

    Not everyone will avoid anything that isn't free/libre, especially if the quality is good. The free software community brought it upon themselves by not helping out and in the case of the rebranders, for stealing all sources of revenue nessus had when GPL. 100 hour weeks hacking on code don't come for free, you know. We'd all prefer it to be free, but it's not essential

    --
    ~HTP~ Hug that tux ;)
    1. Re:Yeah, but there's also... by seifried · · Score: 5, Informative

      "Do you mean to tell me that the Nessus team found every vuln themselves and then coded an exploit to check for such vuln?"

      In a nutshell yes. They don't actually find all the vulnerabilities themselves, for that you can simply check the CVE database/etc. However as far as writing the plugins to check for the actual flaw/etc most of those were written by the core team, very few have been contributed by outsiders. Basically Nessus loses almost no outside development in moving to a closed source model, one of the biggest reasons to open source something (gain outside developers).