Nmap Development mailing list archives
Re: NMap Scripts Vs Nessus
From: "Jan-Oliver Wagner" <Jan-Oliver.Wagner () greenbone net>
Date: Thu, 5 Aug 2010 16:32:36 +0200
On Mittwoch, 4. August 2010, Jacky Jack wrote:
Thank you all for your clarification. Dražen Popović's responses solve most of my confusion. Sorry, I must start with "Nmap NSE vs OpenVAS"as Nessus has already been out of open-source realm. What I'm worried is : A Nmap developer write a script for a vulnerability check then soon after, an OpenVAS developer write the same check script. And vice versa. So, seeing this case by many new potential contributors, they will confuse which one is used to write script. I want to address this confusion.
The OpenVAS team has a systematic process since 2008 where new tests according to published CVE's are developed. Additionally various BID's and vendor alerts are implemented as "NVT"s (Network Vulnerability Tests). This is all done in NASL, but this NASL is mostly incompatible with the NASL of the proprietary Nessus. As far as I understand, NSE's are released now and then. Usually addressing some selected problem or a problem where a developer is currently very interested in. Please correct me if I am wrong. There is currently no coordination between Nmap and OpenVAS with regard to CVE's implemented or other systematic development effords for known vulnerbilities.
What is Nmap NSE for ? What is NASL for? What are appropriate checks that should be used with NSE? What are appropriate checks that should be used with NASL?
Regardless of which language is nicer, more powerful, more stable or whatever attribute you might think of: NASL to some extend reflects the abilities of the actual OpenVAS scan engine to optimize scans where many hosts are tested with many NVTs. What we, the OpenVAS team, also do is to further develop a powerful framwork around the actual scan engine. We call this "Vulnerability Management" as a level beyond "Vulnerability Scanning". OpenVAS tries not to invent wheels but rather tries to interface with other specialists like Nmap or w3af. To come back to your main question, I can only give a partial, personal answer: IMHO, any sort of OS or Service detection done by Nmap (potentially done in NSE) is good for OpenVAS and helps to avoid redundant developments. All the best Jan -- Dr. Jan-Oliver Wagner | ++49-541-335084-0 | http://www.greenbone.net/ Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabrück | AG Osnabrück, HR B 202460 Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- NMap Scripts Vs Nessus Jacky Jack (Jul 29)
- Re: NMap Scripts Vs Nessus Ron (Aug 02)
- Re: NMap Scripts Vs Nessus Patrick Donnelly (Aug 02)
- Re: NMap Scripts Vs Nessus Dražen Popović (Aug 03)
- Re: NMap Scripts Vs Nessus Djalal Harouni (Aug 03)
- Re: NMap Scripts Vs Nessus Jacky Jack (Aug 04)
- Re: NMap Scripts Vs Nessus Jan-Oliver Wagner (Aug 05)
- Re: NMap Scripts Vs Nessus DePriest, Jason R. (Aug 05)
- Re: NMap Scripts Vs Nessus Jan-Oliver Wagner (Aug 05)
- Re: NMap Scripts Vs Nessus Jacky Jack (Aug 07)