Nessus 3.0 Released 108
duplo1 writes Tenable Security has announced the release of Nessus 3.0. Nessus is an enterprise level vulnerability scanner and this new version brings a complete rewrite of the Nessus engine redesigned for increased speed and efficiency running on the average, twice as fast as Nessus 2. From the release: "In addition to gaining dramatic improvements in performance, Tenable also provides an optional Direct Feed subscription service for Nessus 3.0 which provides immediate access to new vulnerability checks and entitles Nessus 3.0 users to commercial support from Tenable. The Tenable Plugins include support for a rating methodology called Common Vulnerability Scoring System (CVSS) that can be used to express the criticality of a discovered vulnerability or threat."
There's also the itsy bitsy license change... (Score:5, Informative)
Nessus 3 no longer GPL (Score:5, Informative)
Now that Tenable is /.'d (Score:4, Informative)
http://www.networkmirror.com/EA6knu7cjqyrJMp6/home .businesswire.com/portal/site/google/index.jsp%3Fn dmViewId%3Dnews_view%26newsId%3D20051212005715%26n ewsLang%3Den.html [networkmirror.com]
Re:Nessus 3 no longer GPL (Score:5, Informative)
http://www.openvas.org/doku.php?id= [openvas.org]
Re:Yeah, but there's also... (Score:5, Informative)
"Do you mean to tell me that the Nessus team found every vuln themselves and then coded an exploit to check for such vuln?"
In a nutshell yes. They don't actually find all the vulnerabilities themselves, for that you can simply check the CVE database/etc. However as far as writing the plugins to check for the actual flaw/etc most of those were written by the core team, very few have been contributed by outsiders. Basically Nessus loses almost no outside development in moving to a closed source model, one of the biggest reasons to open source something (gain outside developers).
Re:There's also the itsy bitsy license change... (Score:4, Informative)
***RTFA*** (Score:3, Informative)
You know, not GPL anymore. Did that escape you while writing the ad?
From TFA:
Nessus 3.0 was developed in response to growing market demand from enterprises, government agencies and consultants for a commercially licensed version of Nessus. Nessus 3.0 users will now have access to a number of commercial support and training options from Tenable Network Security. Tenable Network Security will continue to manage, distribute and maintain the open source version, Nessus 2.x. (emphasis mine)
Did that escape you while you were writing your kneejerk response? Of course it did: you couldn't be bothered to read the FIRST PARAGRAPH of the article.