Ok. Sorry for the off-topic, I'll consider this as my last mail (regarding this issue) to the list.
Renaud Deraison wrote:
> >> Now, how does it differ to a) install from scratch, take care of >> having development libraries installed b) upgrade to a new release >> c) compile for your system (not much difference with a) if the >> product is done properly) > > > This difference is in point (b). If I install FreeBSD and go to > /usr/port/security/nessus/ I'll find a reasonable recent (1.2.7) > version of Nessus, in the stock install. If you feel a little > adventurous, I can even try /usr/port/security/nessus-devel/ and try > 1.3.4. All on the default system. Nothing to change. If I want to do > that on Debian, then I have to "upgrade", which implies I'm familiar > enough to do it.
If you have to manage a Debian system you want to know how the package management system works and how it can be used to your advantage. It _can_ be used as a ports system. I.e:
"take the sources of nessus 2.0.0 and compile them for my system"
equals
"configure apt to access the source tree of Debian"
"ask apt to download sources and compile them:
apt-get build-depends nessus
apt-get source -b nessus
"I fail to see the advantages of a port system vs. that since the same technical knowledge needs to be had in both. (Notice that configuring apt does not necessarily mean editing strange config files, all the package management frontends do that for you)
> > The fact is, a growing number of persons are Windows admins who want > a security scanner for free. They install Linux on vmware only > because there's no Win32 version of nessusd, and as soon as they can, > they switch to NessusWX and only use that. Go explain to them that > they have to switch to unstable (which by the way, does not mean > buggy, even if the name implies that), upgrade their system, and > install nessus from there.
To these people: don't use Debian. Debian is targeted towards individuals who want a rock-solid system, clean upgrades and tested software. I.e. I have servers who have been running _the_same_ OS for years, doing upgrades to new releases as needed.
>> In any case, the policy you call poor and/or stupid is the same for >> Debian, Mandrake or SuSE. Debian has slower release cycles, that's >> all. > > > In a world where Joe Random has a T1-like internet access at his home > for $40 bucks per month, I really fail to understand the point of > "distributions" vs. "base system with ports".
Unfortunately such a world does not exist. You are thinking of the US, I'm thinking of many European countries which pay per connection to the ISP and to many third-world countries which cannot even use the Internet. Sorry.
>> It's also a volunteer-based distribution. I would also like to see >> the kind of support a guy running Nessus from the ports system in >> FreeBSD or installing it on RedHat would get from either one (I >> suspect close to 0, i.e. you're on your own). > > > There are FreeBSD and RedHat user communities. RedHat has a larger > install base than Debian, and if you want support for Nessus, you > should ask it to [EMAIL PROTECTED]
Support in Debian does mean much more than a mailing list:
- there is (public) bug tracking system for every software in Debian. Bugs which are not relative to Debian but to the software are (should be) forwarded upstream.
- there is a maintainer who answers all support requests and takes time to build the new packages when a new release happens [0]
Try to open a bug-support request in RedHat regarding Nessus. I believe with a normal contract agreement they will just say: "not part of the OS, not supported, sorry". Also a user mailing-list is not enough. See http://www.debian.org/support
Notice that IMHO there are more issues involved in maintaining a nessusd server than just installing the software and making it run. Sample is Debian bug #88729 or #110394 which aredistribution-specific. [1]
> Anyway, we're talking about religious issues, so I suggest we close > the thread (I'll even let you conclude it if you want) >
Concluded by me. Just wanted to get my opinion across. In any case I believe that each user has to weight benefits/disadvantages and it's not as simple as saying: use this OS for this.
Regards
Javi
[0] But remember: best-effort, volunteer-based, just like Nessus :-) [1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=88729 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=110394
