We aren't talking about some commercial software package here. Nessus is an Open Source GPL project.
If Tenable wants to write pulg-ins for it, great! And if they want to charge money for them, well that's their right - but they should keep it TOTALLY out of the default install of Nessus. There should be some kind of separate module one could install if they want to play the little plug-in game with Tenable. Registration with my email!?! If we all just give you our email addresses now, can we forgo this silliness? I find the Tenable take over to be extremely distasteful. Sure they have put a lot of effort and time into Nessus - but so have hundreds of other developers all over the world. Nessus used to be a project, now it's a product :( Jeremy J. Hyland Information Assurance Code 19 NAVSEA Warfare Center Keyport -----Original Message----- From: Utin Mikhail A CONT NPRI [mailto:[EMAIL PROTECTED] Sent: Friday, December 10, 2004 11:54 AM To: 'Renaud Deraison'; [EMAIL PROTECTED] Subject: RE: Problems compiling Nessus 2.2.1 on Solaris All, Hopefully, I will not add more fuel in discussed issue. It looks like almost everybody respects others opinion, right? I would just to add a bit concerning AV software and subscriptions, as I was trying to find examples between SW vendors. AV vendors are in much better position, they sell a lot of copies and can afford free AV update. In NAV, even if AV update via IlfeUpdate expires and it looks like one need to pay $25.99/year, one still is able to download and install Intellegent Update. A bit of manual work... My preferred is TrendMicro, $150 for 5 clients, and free download ... forever? Mikhail Utin AIS Security [EMAIL PROTECTED] 401-832-6584 -----Original Message----- From: Renaud Deraison [mailto:[EMAIL PROTECTED] Sent: Friday, December 10, 2004 2:28 PM To: [EMAIL PROTECTED] Subject: Re: Problems compiling Nessus 2.2.1 on Solaris On Fri, Dec 10, 2004 at 02:19:40PM -0500, Luke Youngblood wrote: > Sorry, I didn't mean to ruffle so many feathers in this mailing list. It's > just that I am 1 week into a 2 week implementation of Nessus as a scanning > solution and all of a sudden I have to start over and there are new costs I > need to present to management, where previously I had sold them on the idea > of Nessus being free. You seem to have misunderstood the concept : Nessus is *still* free. The only difference is that starting 1st, you'll have a 7 days delay between the time Tenable writes new plugins and the time you'll get the updates AND you need to register on the Nessus website (for free). If you can not wait seven days, you can buy a subcription which will give you direct access to the plugins we write. If you installed Nessus 2.0.x and/or Nessus 2.2.0 and for some reason can not upgrade, you can _manually_ register your activation code on plugins.nessus.org (as the instructions in the registration email say) and you'll get a URL where you can download the plugins. At that point, you simply need to modify nessus-update-plugins to change one URL by another. [...] > FWIW I can sympathize with the developers if commercial builds of Nessus are > stealing their code and not honoring the GPL, but one analogy I can come up > with is this: How would you feel if the Apache Foundation all of a sudden > said that you had to "subscribe" to get security updates to Apache? There > would be an uproar. That has nothing to do with it. A security update in Apache means that someone at Apache goofed up, there is a vulnerability, and bad guys can use it to gain the control of your server. The Apache Foundation then fixes the issue and people upgrade. A "security update" in Nessus is a check to detect flaws in another vendor product. A much better analogy would be "what if all of a sudden, you had to pay to get updates to your anti-virus ?". -- Renaud _______________________________________________ Nessus mailing list [EMAIL PROTECTED] http://mail.nessus.org/mailman/listinfo/nessus _______________________________________________ Nessus mailing list [EMAIL PROTECTED] http://mail.nessus.org/mailman/listinfo/nessus _______________________________________________ Nessus mailing list [EMAIL PROTECTED] http://mail.nessus.org/mailman/listinfo/nessus
