Thanks Renaud, this is basically what I was looking for. Also are there any changes in the Nessus Transfer Protocol? I sometimes use the perl module Net::Nessus to automate scans, so if there are any changes or new features those would be nice to know about.
Since I'm on the subject, does anyone know what's going on with the development of Net::Nessus. I remember reading a post from George Theall over a year ago saying that he had sent a patch to Tiago to add SSL support. I know there's ScanLite which supports SSL, but it would be nice to have it in the Net::Nessus package as well. If Geroge still had the patch it would be nice to have, otherwise I guess I'll start hacking it myself. Thanks, Dave King Renaud Deraison wrote: > > On Dec 15, 2005, at 9:46, Isac Balder wrote: > >> >> In short I don't beleive Dave King was asking for >> specifics of the code or the algorithims Tenable is >> using to increase perfomance. Let's face it the 6 >> bullets on the release announcement would hardly >> classify as change documentation. > > > You're correct. George is not involved in the developement process > either -- he replied with his point of view of a plugin writer and > does not necessarily knows of all the NASL3-specific changes, since > we all want to write as many NASL2 compatible plugins as possible. > > Here's a slightly more detailed list. Still very high level, though : > > NASL : > > - The NASL syntax and behavior is roughly the same as for Nessus 2.x, > except for the following: > > + It is now legal to have 'arrays of arrays'. Ie: foo[1] = > make_list(1,2,3); works > + It is now legal to write to strings (foo = "str"; foo[1] = "X"; > display(foo); ) > + Some functions to extend the language have been added but are not > documented yet (on the top of my head) : > - socket_ready() returns TRUE if a socket can be written to > - socket_pending() returns TRUE if data is pending on the socket > - prompt() has been re-introduced (this allows you to write > interactive nasl scripts) > - fill_list(length:N, value:X) creates an array of N elements all > set to value X. > + A new packet forgery API (specific to Nessus3) will be released > as .inc files soon > + Support for multiple public keys for signed scripts (so users can > sign their own scripts). Just add your RSA public keys (.pem files) > in /opt/nessus/var/nessus/ > > - 'nasl -k <kb>' loads a KB in memory before executing a script > - 'nasl -W' executes a script but displays compilation warnings > (think 'gcc -Wall') > - 'nasl -V' shows a script ID, name, version,etc... in an easily > parseable way > - 'nasl -VV' does the same as above but also shows the script > description > > - 'nasl -T' has been removed due to the change of interpreter. There > will be a real debugger in a future revision of Nessus (at worse > Nessus 3.2.0, but maybe in a 3.0.x release) -- it's just not ready > for prime time yet. > > > > > nessusd : > > - shared sockets are more robust and more efficient > - internal process communication is more robust and more efficient > - new architecture to execute plugins - instead of running one plugin > per process, only one process is spawned per host > - Plugins are pre-processed and stored in a libdb for a faster > startup of nessusd > - nessusd reduces max_hosts if the CPU is too loaded (throttle_scan = > no in nessusd.conf if you want to disable this behavior) > - nessusd fetches new plugins by itself every 24 hours if it is > registered (auto-update = no in nessusd.conf to disable this behavior). > - nessusd can load '.nasl' files, but also '.nasl3' (nasl3 specific > scripts) and '.nbin' (nasl3 binaries) '.inc3' are also valid > > - 'nessusd -R' forces the re-processing of all the plugins (generates > a new database) > - killall -HUP2 nessusd dumps the state of the various NASL plugins > on disk (in var/log/nessus/) > > > > I'd also like to point out that there is a Nessus 3.0 manual in > http://www.nessus.org/documentation/ which may cover items I've missed. > > > -- Renaud > _______________________________________________ > Nessus mailing list > [email protected] > http://mail.nessus.org/mailman/listinfo/nessus > > > _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
