Re: nessus closes source question

["sara fink" <sara.fink () gmail com>]

> Nessus is more than just "nessus" though.  They also have reporting
> and if you give them money, Lightning for easy management.  Also,
> their signatures are updated without the entire product needing to be
> reinstalled.  Since Tenable is a commercial entity, they have SLAs
> that they maintain and have an big incentive to get sigs for new vulns
> out as soon as they can.

These SLAs cost money.
> Plus they tie many of their checks back directly to CVEs and vendor
> patches where as nmap doesn't try to get that fancy.

Sad.
> I think Nmap is *already* capable of doing everything Nessus was doing
> six years ago (when Tenable was born) because of the flexibility Lua
> and NSE provide.  All we need is people to keep writing useful
> scripts.

I wish I knew. I am very new to scripting and nmap. Maybe some video
examples of scripting will open the apetite.

Is there a database of scripts? I never used it with nmap.
> -Jason
>
> --
> NOTICE: Reading this email message requires root privileges which you
> do not appear to possess. Sorry, dude.

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org