You can try the backport repository from lenny [1] deb http://www.backports.org/debian lenny-backports main
[1] http://packages.debian.org/lenny-backports/i386/openvas-server/download Joseph Abbotts escribió: > I'm all for having more tools to help settle my healthy paranoia but I'm not > seeing the server package: > > Lenny:~/Workbench# aptitude update > Lenny:~/Workbench# aptitude search openvas > p libopenvas1 - OpenVAS shared libraries > p libopenvas1-dev - OpenVAS static libraries and headers > p openvas-client - Remote network security auditor, the > client > Lenny:~/Workbench# aptitude show openvas-server > E: Unable to locate package openvas-server > > (I'll go check the site encase I'm missing a repository or some such odd > thing) > > Also, if upstream is not going to maintain it at all and the Debian package > maintainer's time is then better spend helping with openVAS (if they so > choose of course) then off it goes. It's just a heck of a heavyweight to drop > completely. Between it's reports and importing the NBE into metasploit for > exploit confirmation, it's a hard habit to give up. Any chance of seeing it > in the Non-Free instead has upstream dropped it's upkeep completely? (Boo > Nessus.. Wish they'd have kept to the FOSS lower, value added retail upper > model) > > > Since I've been lurking on the mailing list for a while now, let me also say; > thank you, thank you, thank you. After years of Mandrake/Mandriva, Debian has > been like walking out into the sunshine. Fantastic distribution, thank you > all who do more than my weak PR noise to keep it great. > > > -----Original Message----- > From: Javier Fernandez-Sanguino [mailto:[email protected]] On Behalf Of Javier > Fernández-Sanguino Peña > Sent: Sunday, August 02, 2009 2:03 PM > To: Debian Security > Cc: [email protected] > Subject: Nessus to be removed from Debian, please switch to OpenVAS > > > Dear All, > > I've recently requested Debian Ftp maintainers [1] to remove from the archive > Nessus and all its related packages (nessus-core, nessus-libraries, libnasl > and nessus-plugins). The main reason for this is that upstream is more > focused in maintaining it's non-free version of Nessus (labeled version '3') > than the free version (the 2.2.x branch). Additionally, most of the plugins > (i.e. security tests) are now non-free. > > I encourage people that are looking for an alternative to Nessus to switch to > OpenVAS (Open Vulnerability Assessment Scanner) which is a Nessus fork (based > on the 2.2.x branch) that is actively being maintained and is now available > in Debian. > > No "smooth" transition will be provided from Nessus to OpenVAS, those that > need to switch can, however, possibly reuse the certificates, scanner > knowledgebase and custom NASL scripts used with Nessus with OpenVAS too. > > Both tools can even be installed side-by-side since the OpenVAS server uses a > different port than the Nessus one. > > Installing OpenVAS is Debian easy. To get both the server and the client just > run: > > aptitude install openvas-server openvas-client > > Currently the OpenvAS release in Debian's unstable [2] distribution (2.0.1) > does not provide a way to easily download the plugins from the Internet. > > Packages for the next release (2.0.3) have been worked on at the Debconf and > will be available really soon. With this release you can download the plugins > running (as root) 'openvas-nvt-sync' as described in > http://www.openvas.org/nvt-feeds.html > > If you need help on the migration from Nessus or what more information on the > Debian OpenVAS packages please use OpenVAS' mailing list (in CC:) or the > general user-oriented mailing lists (see http://www.openvas.org) > > > Regards > > Javier > > > [1] See the BTS: #534501, #534502, #534505, #534506 [2] OpenVAS in the stable > (lenny) release is somewhat dated (1.0.2 version) but backports are being > made available too. > > > -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
