Note: These are my personal opinions. They do not represent USPS or any one else.
I do so love stirring up a hornet's nest, :) I should clarify my statement about egomania. It doesn't apply to just one side of the equation. The "incompatability" between Nessus and Nmap is 100% human created. It could be resolved if people involved put aside their egos. But in IT, far too often problems can not be resolved because IT workers can not separate their emotions from their work. I learned long ago to just not *care* if something I worked on for years was dumped due to bad business decisions. As long as I got paid and appropriately recoginized for my efforts, cest la vie. And yes, this issue has been beaten to death. Hint: Not everyone stays subscribed to the list indefinitely. -------- Jeff Mercer - CISO - Security Vulnerability Assessments >-----Original Message----- >From: [EMAIL PROTECTED] >[mailto:[EMAIL PROTECTED] On Behalf Of Mercer, >Jeff C - Raleigh, NC >Sent: Thursday, May 08, 2008 9:25 AM >To: Michel Arboi; [email protected] >Subject: RE: How to correctly modify nmap.nasl? > >Considering how wildly popular Nmap is, how widely used it is and the >many advantages to Nmap, I've never understood why Tenable Security is >so dead-set against it. > >Other than the ususal egomania of 'Well I didn't write it so I hate >people using it' crap. > >Yes, many folks have no clue how to correctly use Nmap and use it with >Nessus. You will not eliminate those people nor the noise they create. >It's better to teach and expand knowledge than to restrict and play >power games. > >That being said, an import plugin would be damn useful. > >-------- >Jeff Mercer - CISO - Security Vulnerability Assessments > > >>-----Original Message----- >>From: [EMAIL PROTECTED] >>[mailto:[EMAIL PROTECTED] On Behalf Of Michel Arboi >>Sent: Thursday, May 08, 2008 3:23 AM >>To: [email protected] >>Subject: Re: How to correctly modify nmap.nasl? >> >>On Thu, 8 May 2008 11:02:21 +0400 >>"Taras Ivashchenko" <[EMAIL PROTECTED]> wrote: >> >>> I prefer to use Nmap as scanner's backend using nmap.nasl plugin >>> (http://www.nessus.org/documentation/nmap.nasl). >> >>#mode dead_horse_beating on >>This is certainly a bad idea, for kazillons of reasons that have >>already been exposed here. >> >>I am convinced that we should simplify this plugin and allow only >>imports of Nmap results. That is the only sane way to use it. >> >>> And so we need to replace -P0 with -PN in plugin's source. >> >>And break the plugin with old Nmap? >> >>> And I can't use this plugin :( >> >>Set in nessusd.conf : >>nasl_no_signature_check = yes >>or sign the plugin with your own key, and add it >>to /opt/nessus/var/nessus/ (IIRC) >> >>-- >>http://www.bigfoot.com/~arboi http://ma75.blogspot.com/ >>PGP key ID : 0x0BBABA91 - 0x1320924F0BBABA91 >>Fingerprint: 1048 B09B EEAF 20AA F645 2E1A 1320 924F 0BBA BA91 >>_______________________________________________ >>Nessus mailing list >>[email protected] >>http://mail.nessus.org/mailman/listinfo/nessus >> >_______________________________________________ >Nessus mailing list >[email protected] >http://mail.nessus.org/mailman/listinfo/nessus > _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
