Hi everyone. :) On Mon, 2010-03-08 at 17:56 +0530, Chandrashekhar B wrote: > I think OpenVAS has come a long way in terms of vulnerability detection too, > in recent times. Of course improvement is always needed. It is a community > effort after all, if there are missing checks, please post them to > openvas-plugins, including any research findings if some effort has already > gone in that direction.
My colleagues and I have recently been trying to port exploit and dos modules from Metasploit. In the process we've concluded that OV misses a lot of remote checks for these well known vulnerabilities. But on the other hand, we've noticed that some of the important brand new vulnerabilities were quickly NASLed (such as ms09-050), which is very cool. IMHO the only issue here is the rate at which the remote checks are being developed. > We can have a kind of track sheet where all these > requests are logged and tracked. Totally agree! > We'll put in our best efforts to take them > for implementation. Same thing here. :) Regards, Dražen. -- Laboratory for Systems and Signals Department of Electronic Systems and Information Processing Faculty of Electrical Engineering and Computing University of Zagreb _______________________________________________ Openvas-plugins mailing list [email protected] http://lists.wald.intevation.org/mailman/listinfo/openvas-plugins
