I'm also curious about what kind of quality control there is on the plugins. Does anyone do any QC on them (Tenable or GPL) before they are officially available? If one writes a plugin that feels should be included, what is the process of submitting it and then how is it determined to be officially added to CVS?
P.S. It seems that your certificate for free feed registration has a problem with it.
----- Original Message ----- From: "Renaud Deraison" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Tuesday, December 07, 2004 9:29 AM
Subject: Nessus News (2.2.1 / Plugin Feed / New WebSite)
Hello everyone,
I'd like to do several announcements today :
1. Change in policy in the Nessus Plugin Feed 2. Nessus 2.2.1 has been released 3. NessusWX workaround 4. Nessus.org got a facelift
1. Change in policy in the Nessus Plugin Feed ---------------------------------------------
We have decided to change the way the new plugins are being released and published. Today, whenever a user types 'nessus-update-plugins', he receives all the newest plugins from http://www.nessus.org/nasl/all-2.0.tar.gz.
Basically, several changes are occuring :
- The first one, is that the current feed will only contain GPL plugins (ie: currently about 2,000 plugins). This means that the current command "nessus-update-plugins" will continue to work properly, but you will get less plugins than what you can get today, as (as many of you have noticed), plugins released by my company (Tenable) are *not* released under the GPL
- When downloading Nessus 2.2.1 (and newer), you now have the opportunity to "register". ie: submit your email address and you will receive an "activation code", which will entitle you to receive a full plugin feed (GPL + Tenable). We do not intend to contact you thru this email address, except to send you an activation code and to inform you if you generate too much traffic (believe it or not, there are people out there downloading all the Nessus plugins _EVERY MINUTE_). To use the activation code, you'll need to upgrade to Nessus 2.2.1 and use the new 'nessus-fetch' command line utility.
- Users now have the opportunity to buy access to a "Direct Plugin Feed". What this really means is that the free feed will actually be delayed by seven days for non-GPL plugins. If you are one of these companies who need to be 100% up-to-date, such a subscription will be of some interest to you. More information at :
http://www.tenablesecurity.com/products/direct.shtml
So there are three ways to update plugins now :
- a GPL feed containing the plugins submitted by the community ;
- a Registered feed containing the latest plugins submitted by the community, and the plugins written by Tenable delayed by 7 days ;
- a commercial Direct Feed which contains all the newest and greatest plugins ;
_______________________________________________ Nessus mailing list [EMAIL PROTECTED] http://mail.nessus.org/mailman/listinfo/nessus
