Michel Arboi wrote: ...
> So we switched to a standard crypto layer: SSL/TLS. > > So far so good. > > I can now claim that we reached our goal: 90% of the traffic on this > mailing list is NOW related to problems like "Server does not use NTP > xxx or is TCP wrapped". > > Great <grin> > > I will say it once more: PEKS is incompatible with TLS and TLS is > incompatible with PEKS. > > <sigh> > > So if you want to connect to a 1.2 nessusd server, you have to use a > 1.2 nessus client. Or a recent NessusWX client. > Old or obsolete or unmaintained or not yet updated clients do _not_ > speak SSL. > More: old 1.1.x clients (but not so old) used SSLv3 instead of TLSv1. > > The only thing that 1.0.x and 1.2.x have in common are... surprise > surprise... clear text communications! ... Ok, while on the subject, is there any documentation on how to accomplish this secure communication ? I had been using nessusd on the same laptop as the client, so opted for quick-n-dirty cleartext, but now I need to set up an alternate server on a remote machine and would prefer to protect communications. Perhaps I missed it, but I couldn't find any clear indication on how to do this on 1.2.0. Thanks, J. Courcoul
