Hi there,
I was in the process of cleaning up some code in nessusd, and the "diff scan" feature kept being on my way.
The code for this feature is really ugly, and even possibly broken (it
has not been tested since the late 1.0.x series), and even worse, it's
totally useless (diff(1) does the same job), so I am considering
removing this code altogether, as Nessus is a vulnerability scanner, not
a "everything but the kitchen sink about security" tool.
So, before I totally remove that part of the code, I'd like to know if anyone is actually using it. So please if you use the diff scan feature of Nessus, make yourself heard now, otherwise you'll be disappointed by the release of Nessus 2.2.0...
Yes and no. We arn't using it, but are testing if it's usefull.
I wrote this mail on the mailinglist a couple of days ago, but never got a response.
-----------
We have been experimenting with using Knowledge Base saving and differencial repports, and we have a few questions about that.
It seems that updated plugins won't get run, when KB and diff repports is activated. Eg. if one plugin was run last time we scanned, the the plugin won't get run if it got updated (eg. fixed a problem or so). That sure do look like a problem to me, especially if you have large KB timeout settings, then the updated/fixed/changed/whatever plugin might never get run (again).
We tested this, by running a test, and then we changed the version ID on one of the plugins, and reran the test. That particular plugin was only run the first time.
Anyone else experienced similar problems? -----------
It's probably more about the KB saving than Diff repports, but it's still within the subject.
--
Jesper S. Jensen Basisnet og Sikkerhed Uni-C - �rhus, Danmark +45 8937-6666
