Dražen Popović wrote: > Hi everyone. :) > > On Mon, 2010-03-08 at 17:56 +0530, Chandrashekhar B wrote: >> I think OpenVAS has come a long way in terms of vulnerability detection too, >> in recent times. Of course improvement is always needed. It is a community >> effort after all, if there are missing checks, please post them to >> openvas-plugins, including any research findings if some effort has already >> gone in that direction. > My colleagues and I have recently been trying to port exploit and dos > modules from Metasploit. In the process we've concluded that OV misses a > lot of remote checks for these well known vulnerabilities. But on the > other hand, we've noticed that some of the important brand new > vulnerabilities were quickly NASLed (such as ms09-050), which is very > cool. > IMHO the only issue here is the rate at which the remote checks are > being developed.
I would also add inconsistency. There are some remote checks, but not all. And there is no easy classification(time, platform, ...) to say which are implemented and which are not due to different reasons (licensing problems due to old code, some checks are harder to implement, ...). Would be perfect to start a wiki page which will list vulns and status for local and remote implementations, i.e.: MS09-01, local implemented: name-of.nasl, remote not implemented MS09-50, local implemented: name-of.nasl, remote implemented: name-of.nasl SS22-30, local implemented: name-of.nasl, remote check not possible Yes, I know for cve_current.txt on SVN, but the text file doesn't have all the info needed and it is mostly visible to developers. IMHO wiki is much more easier to comment, put links to additional info, edit format and get priority feedback. And it is also easier for people/users to see that as well (so, they don't rely on something that it is not implemented). Kost _______________________________________________ Openvas-plugins mailing list [email protected] http://lists.wald.intevation.org/mailman/listinfo/openvas-plugins
