> > I use Nessus for Windows. I turn off some of the plugins in some families > > so I see mostly vulnerabilities in my reports. But once you start selecting > > individual plugins rather than families, plugin updates become a problem. > > You don't know what's new, so you have to review the plugin lists. Is there > > a way to tell what's changed or new? All the plugins get the current date > > when I update. I suppose I could make a copy of the plugin directory and > > use > > a differencing program, but it seems there should be a better way. > > Hi Bob, > > Have you considered the RSS plugin feed? > > http://www.nessus.org/rss-plugins.xml > > This is updated as soon as Tenable releases a new plugin.
There's certainly useful info in this feed, but it isn't directly coupled to the state of installed plugins on my scanning pc. I make the problem worse by only using Nessus intermittently. (We use mainly Shavlik for scanning and deploying to Windows machines, but Nessus checks for things that Shavlik does not.) I did try making a copy of the plugins directory, updating plugins and running WinMerge (http://sourceforge.net/projects/winmerge/) to see what changed. It worked much better than I expected. In particular, comparing the plugins by content took only a few seconds. This will meet my needs. _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
