I don't want to start a troll, but I fully disagree with this... NessusWX is a real mess, apart for its DB integration, which is only partial for our goals.
I used NessusClient1 on windows and linux because it allows easy build of .nessusrc files for command-line scans and provides the same output report as the command-line nessus. So I was able to use either "one-shot" scans from GUI and routine scans from crontab / command-line and get a consistent reporting for both. As I have no Mac in my environment I can't tell anything about its GUI.... Nessus3 Client provides a more consistent environment across different platforms, and last but not least, is much more efficient than the other GUI. It lacks of the .nessurc generation feature, but its scan policy feature is great It also allows the simultaneous use of different sessions, which was not working well in any previous GUI I used and this feature is really useful in regard of the number of servers I have to check. The export/import feature allows a good integration with previously generated reports The real-time follow-up of the scan is great ( that was a good feature in NessusWX ) . The only drawback I noticed is it's lack of debugging tools/error messages... And the inability to log on scanner with certificates exchange, but this is a planned feature. By the way, is it possible to use our company generated certificates instead of the Nessus provided certificates? Great job. Cordialement / Mit freundlichen Grüßen / Best regards, Patrice ARNAL Alcatel-Lucent Mercer, Jeff C - Raleigh, NC a écrit : > I've never found a truely good Nessus client, not even from Tenable. > :( > > NessusWX is the best I've been able to find but it's largely > orphaned. Tenable should have invested time on re-working it instead > of continually re-writing clients from scratch. I'm assuming Tenable > didn't feel like using 3rd party open source software. Which is > sad... > > Anyways, the new Nessus Client 3 beta is a good start but it's > missing a lot of critical pieces. I think some of these are just not > done yet: > > o Import of configurations AND session results o Export of same o > Support for ALL legacy Nessus data formats (.nsr, .enx, .nbe) o > Database back-end connectivity, so results can be stored in a > database o Multiple result sets per session configuration o Clearer > progress indicators for connecting to Nessus servers, downloading > plugins, uploading configs, scanning, etc. o Better error messages > about problems connecting to a Nessus server o Credential testing > option for quickly testing configured credentials o Better credential > management in general. I should be able to input multiple sets of > different credentials into one database, password protected, and then > simply link a particular credential set (or sets) to a scan > configuration o Reporting! Yeah yeah, Tenable wants everyone to buy > Security Center. Which is absurd if all you want is a few reports for > scans. There's a HUGE difference between running a full-blown SIM and > just wanting to report on some scans o Wizards for performing certain > types of scans. I don't just mean pre-configured sessions, i'm > talking full wizards that step the ignorant through selecting hosts, > credentials, etc. o Management of nessus servers plugin library (i.e. > updating plugins, specifying plugin channel, checking last plugin > update done, etc etc) > > I really could go on. Basically, Nessus has grown-up a lot from where > it started but it still lacks MANY features found in Enterprise > scanning solutions from ISS/IBM, Harris, BindView, etc... And > frankly, most of this is due to the simplified clients. > > > ------------------------- *From:* [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] *On Behalf Of *Michael T Cyr > *Sent:* Friday, September 07, 2007 12:20 PM *To:* nessus *Subject:* > nessus3 annoyances/wish list > > > I'm sure this has been answered before, but an inability to find it > brought me here. > > Ubuntu 7.4 Nessusd 3.0.6 NessusClient 3.0.0 Beta2 and Beta3 > > > When I upgraded from client 2 to 3, i found that my progress bar(s) > are gone. I loved the fact that client 2 gave you the progress of > port scans and vulnerability scans with each client. Now all I can > see is that a scan is either on, or done. Not very much help! Are > there any plans to put progress bars/status back in? Is there an easy > way to count plugins? i found no command line switch in nessusd, > nothing in client 3 will tell you how many plugins are installed or > even used in a policy. Nessusd 2 (i believe it was 2) would load > plugins x/#. I like the progress bar of loading plugins from command > line now better, but the only way I can figure to count plugins is > out of the Nessus software. Is there a way of counting install > plugins other than manually in a browser? > > Thanks Mike > > > -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- > This is a PRIVATE message. If you are not the intended recipient, > please delete without copying and kindly advise us by e-mail of the > mistake in delivery. NOTE: Regardless of content, this e-mail shall > not operate to bind CSC to any order or other contract unless > pursuant to explicit written agreement or government initiative > expressly permitting the use of e-mail for such purpose. > -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- > > > > ------------------------- > > _______________________________________________ Nessus mailing list > [email protected] http://mail.nessus.org/mailman/listinfo/nessus _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
