Re: Tenable license discussion - Nessus engine

rgula@tenablesecurity.com wrote:

> I'm sure the sourcefire folks are thrilled at haveing a 
> another signature farm out there. Having a false positive
> in an IDS sig just means more alerts. Having a bad plugin
> for Nessus means angry system administrators and tarnishing
> the name of Nessus. 
>
>  

Interesting response. So are you saying you don't like it - or it would 
break the license? ;-) We are talking theoretically here - there's been 
nothing but hot air so far on the issue of others writing "competing" 
plugins - but it could (legally) happen?

As far as snort goes, I haven't heard any complaints from Sourcefire 
about having the competition - to be honest - they meet the needs of two 
different market segments. It's disingenuous to say that a separate 
plugins stream would "tarnishing the name of Nessus" - it hasn't 
happened to Snort - and a site would have to actually do something to 
pull such a structure in. I can't see how they could say it was Nessus's 
fault.

In both cases of Snort and Nessus, I like them as they have quality 
control of their "official" plugins - but give me the ability to create 
my own - or use others that someone else has written. Such a feature is 
one of their greatest assets.

--
Cheers

Jason Haar
Information Security Manager, Trimble Navigation Ltd.
Phone: +64 3 9635 377 Fax: +64 3 9635 417
PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1

_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus