Tenable license discussion - Nessus engine
Jason Haar
Jason.Haar at trimble.co.nz
Wed Jan 26 21:23:00 EST 2005
rgula at tenablesecurity.com wrote:
>I'm sure the sourcefire folks are thrilled at haveing a
>another signature farm out there. Having a false positive
>in an IDS sig just means more alerts. Having a bad plugin
>for Nessus means angry system administrators and tarnishing
>the name of Nessus.
>
>
>
Interesting response. So are you saying you don't like it - or it would
break the license? ;-) We are talking theoretically here - there's been
nothing but hot air so far on the issue of others writing "competing"
plugins - but it could (legally) happen?
As far as snort goes, I haven't heard any complaints from Sourcefire
about having the competition - to be honest - they meet the needs of two
different market segments. It's disingenuous to say that a separate
plugins stream would "tarnishing the name of Nessus" - it hasn't
happened to Snort - and a site would have to actually do something to
pull such a structure in. I can't see how they could say it was Nessus's
fault.
In both cases of Snort and Nessus, I like them as they have quality
control of their "official" plugins - but give me the ability to create
my own - or use others that someone else has written. Such a feature is
one of their greatest assets.
--
Cheers
Jason Haar
Information Security Manager, Trimble Navigation Ltd.
Phone: +64 3 9635 377 Fax: +64 3 9635 417
PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1
More information about the Nessus
mailing list