Federico Biancuzzi, 2005-11-24
SecurityFocus interviews Ron Gula to get a glimpse of Tenable's upcoming free (but closed-source) Nessus 3 vulnerability scanner. The discussion looks at license changes, community involvement, daemon security, new features, GPL open-source versus free, NASL, and more.
Colapse all |
Post comment
Tenable discusses the Nessus 3 release
2005-11-25
Anonymous (4 replies)
Anonymous (4 replies)
Re: Tenable discusses the Nessus 3 release
2005-11-26
Ron Gula
Ron Gula
> Customer demand?! Nessus has always been free, > what prevented Tenable to offer support and
> training for Nessus 2?
To many organizations GPL software is not authorized, even though there is no cost to use the Nessus 2 daemon.
Nothing technically prevented us from offering traning or su...
[ more ] [ reply ]
> training for Nessus 2?
To many organizations GPL software is not authorized, even though there is no cost to use the Nessus 2 daemon.
Nothing technically prevented us from offering traning or su...
[ more ] [ reply ]
Re: Tenable discusses the Nessus 3 release
2005-11-27
Tsume
Tsume
The problem was people taking Nessus 2, and hiding the programs in a product. Giving away the source, but making it seem like they've really done the work. Which is allowed by the GPL. One example is how I would be able to take Nessus 2, and place anything I want in an appliance. Then I could sell i...
[ more ] [ reply ]
[ more ] [ reply ]
Re: Tenable discusses the Nessus 3 release
2005-11-27
Anonymous
Anonymous
"Why did you choose to change the license of Nessus?
Ron Gula: Customer demand. Organizations want a free product that they can use, and a place they can get commercial support and training from if needed."
Read: "There is still room to manouevre in the commercial security scanner market, so ...
[ more ] [ reply ]
Ron Gula: Customer demand. Organizations want a free product that they can use, and a place they can get commercial support and training from if needed."
Read: "There is still room to manouevre in the commercial security scanner market, so ...
[ more ] [ reply ]
Tenable discusses loss of free software community
2005-11-26
Anonymous (1 replies)
Anonymous (1 replies)
"Ron Gula: There [was a] very small benefit to working with one set of code, but the overwhelming reason was to have a better relationship with our user base - a majority of which can't really use GPL code. Of course everyone does, but in this day an age of SOX, FISMA and 'process' a lot of folks ar...
[ more ] [ reply ]
[ more ] [ reply ]
Re: Tenable discusses loss of free software community
2005-11-30
kRinSH
kRinSH
I seriously doubt this. Granted, the paying user base may remain limited; but the GPL version of the software will only be maintained if the original developers continue to work on it - and honestly I don't think they will with the prospect of making money from closed source. Makes me wonder what ...
[ more ] [ reply ]
[ more ] [ reply ]
People tried to contribute - but you rejected them.
2005-11-27
Anonymous (1 replies)
Anonymous (1 replies)
Ron, what do you have to say to explain some comments posted on Slashdot by a contributor, along these lines:
First of all, according to multiple sources, apparently the reason why there isn't a significant number of free plugins is because Renaud et al simply don't accept them, or when they do a...
[ more ] [ reply ]
First of all, according to multiple sources, apparently the reason why there isn't a significant number of free plugins is because Renaud et al simply don't accept them, or when they do a...
[ more ] [ reply ]
Re: People tried to contribute - but you rejected them.
2005-11-28
Ron Gula
Ron Gula
I say that people should go to nessus.org and look at the plugin database for themselves to see who is contributing. Just looking at the last 20 or so newest plugins has three or four non-Tenable and non-Nessus contributors.
http://www.nessus.org/plugins/index.php?view=newest
There is also a ...
[ more ] [ reply ]
http://www.nessus.org/plugins/index.php?view=newest
There is also a ...
[ more ] [ reply ]
OS Support (Was "Tenable discusses the Nessus 3 release")
2005-11-30
Richard Johnson
Richard Johnson
I'm a bit saddened that the discussion of hardening nessus against malicious scan targets attempting to compromise the scanner with creative answers to the scan packets wasn't more closely intertwined with the OS support section of the interview.
Because I worry about such things quite frequently...
[ more ] [ reply ]
Because I worry about such things quite frequently...
[ more ] [ reply ]
Tenable discusses the Nessus 3 release
2005-11-30
Anonymous
Anonymous
Start off a project with an innovative idea identifying niche in opensource environment. Get heavily involved make it a success (major contributions from the contributor base). When you'v had it and have opportunities by money-paying customers. Close it all, all contributors go to hell. Keep a lame ...
[ more ] [ reply ]
[ more ] [ reply ]
Ron Gula: Customer demand. Organizations want a free product that they can use, and a place they can get commercial support and training from if needed."
Customer demand?! Nessus has always been free, what prevented Tenable to offer support ...
[ more ] [ reply ]