I'm not sure who started the pissing contest, but I thought I'd throw out what I think, too.
If I tell nessus to scan 255 systems but scan them 12 at a time, how hard would it be to have nessus send the request to nmap to scan all 12 of them with a single instance of nmap and then grep the output for the correct information? I can write a perl script (sorry, C is not spoken here) to do it in under an hour. You guys act like God himself would have to come down and divinely inspire the code.

The 'grepable' output is extremely parsable. It has tabs and slashes and other clues to make it easy to break back out. That would not require any more libraries being linked against or anything.

I'd think that the two projects nmap and nessus would be eager to work together and would rely on cynicism to try to "guilt" the other parties into bending to the other's will. I, personally, see no reason for Fyodor to change nmap's code to comply with some artificial "limitations". Likewise, if the nessus coders don't want to modify their code to conform to how nmap does things, then so be it.

The interim fix is to run nmap first, then import the results into nessus. This works. It is a kludge, but it works.

Incidentally, and this is for Fyodor, how is ISS integrating the nmap OS detection feature into Internet Scanner 7.0? I know they licensed something, but I am not sure what or how they are using it in their product.

-Jason
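
Added example, not part of the original message and not code from nmap or nessus: a Python sketch of the approach the post describes, where one nmap run covers a batch of hosts and the grepable (`-oG`) output is split back out per host on its tabs and slashes. The sample output is constructed, and the function and field names are hypothetical.

```python
# Constructed sample of `nmap -oG` output for one batch of hosts.
SAMPLE = (
    "# Nmap scan initiated (constructed sample)\n"
    "Host: 192.0.2.10 (web.example)\tPorts: 22/open/tcp//ssh///, "
    "80/open/tcp//http///, 113/closed/tcp//auth///\n"
    "Host: 192.0.2.11 ()\tPorts: 25/open/tcp//smtp///, "
    "111/open/udp//rpcbind///\tOS: Linux\n"
    "Host: 192.0.2.12 ()\tStatus: Down\n"
    "# Nmap run completed\n"
)

# Slash-separated subfields of each entry in the "Ports:" field.
PORT_FIELDS = ("port", "state", "proto", "owner", "service", "rpcinfo", "version")


def parse_grepable(text):
    """Return {ip: {"name": str, "fields": {...}, "ports": [dict, ...]}}."""
    hosts = {}
    for line in text.splitlines():
        if not line.startswith("Host: "):
            continue  # skip comment lines and blanks
        fields = {}
        for chunk in line.split("\t"):  # tab-separated "Key: value" fields
            key, sep, value = chunk.partition(": ")
            if sep:
                fields[key] = value
        ip, _, name = fields.pop("Host").partition(" ")
        # A host may appear on several lines; merge them under one key.
        host = hosts.setdefault(
            ip, {"name": name.strip("()"), "fields": {}, "ports": []})
        for entry in filter(None, fields.pop("Ports", "").split(", ")):
            parts = entry.strip().split("/")
            if len(parts) < len(PORT_FIELDS) or not parts[0].isdigit():
                continue  # malformed entry: drop it rather than guess
            port = dict(zip(PORT_FIELDS, parts))
            port["port"] = int(port["port"])
            host["ports"].append(port)
        host["fields"].update(fields)
    return hosts


def open_ports(hosts):
    """Per-host list of (port, proto, service) for ports in state 'open'."""
    return {ip: [(p["port"], p["proto"], p["service"])
                 for p in h["ports"] if p["state"] == "open"]
            for ip, h in hosts.items()}


if __name__ == "__main__":
    for ip, ports in open_ports(parse_grepable(SAMPLE)).items():
        print(ip, ports)
```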
