Hello,
a collegue and I intend to translate a couple of plugin descriptions in
German. But we think that the current structure is a little bit bloated
and confusing (if there are more than two languages). We would like to
make a few suggestions for improving the NASL:
1. The "desc" field should be split into "desc", "risk", and "solution"
for simpler information retrieval.
2. The current notation requires entries such as 'desc["francais"]',
'desc["english"]', 'desc["german"]' and so on. We believe it is better
to group the entries either by language or by field name. Example
english {
name = "blablabla";
desc = "foobar";
}
german {
...
}
or
name {
english = "blabla";
german = "fofofo";
}
desc {
...
}
This avoids a lot of redundancy and improves the plugin structure.
3. Are statement such as "script_description(english:desc["english"]);"
really needed? We don't think so.
4. We wonder whether it makes sense to list the family name for each
language:
script_family(english:"Misc.", francais:"Divers");
A little typo in the french name and you get two families! The mapping
of english family names onto french, german, ... family names should
happen at a central place outside the plugins. It is not necessary
repeat this a thousand times and cause inconsistencies.
5. IMHO the current plugin family structure is not optimal. E.g. it is
not a good idea to have "CISCO" and "DenialOfService" on the same level.
The same holds for "Windows" and "CGI Abuses". We propose a hierarchical
structure where the families on the different levels define orthonal
criteria (Type of attack on the first level, type of OS on the second, ...)
We believe that at least some of these proposals could be realized
without major code changes. Moreover, the existing plugins could be
adapted automatically by some PERL scripts.
Kind regards,
Michael
--
=======================================================================
Michael Schmitt Telefon: +49 651 97551-40
Institut f�r Telematik Telefax: +49 651 97551-12
Bahnhofstrasse 30-32 WWW: http://www.ti.fhg.de
D-54292 Trier E-Mail: mailto:[EMAIL PROTECTED]
=======================================================================
-
[EMAIL PROTECTED]: general discussions about Nessus.
* To unsubscribe, send a mail to [EMAIL PROTECTED] with
"unsubscribe nessus" in the body.
