On Sun, Aug 02, 2009 at 08:03:06PM +0200, Javier Fernández-Sanguino Peña wrote: > I've recently requested Debian Ftp maintainers [1] to remove from the archive > Nessus and all its related packages (nessus-core, nessus-libraries, libnasl > and nessus-plugins). The main reason for this is that upstream is more > focused in maintaining it's non-free version of Nessus (labeled version '3') > than the free version (the 2.2.x branch). Additionally, most of the plugins > (i.e. security tests) are now non-free. > > I encourage people that are looking for an alternative to Nessus to switch to > OpenVAS (Open Vulnerability Assessment Scanner) which is a Nessus fork (based > on the 2.2.x branch) that is actively being maintained and is now available > in Debian. The last time I looked at OpenVAS, admittedly several months ago, it had nowhere near enough coverage in tests for remote vulnerability assessment. I’ll be sure to check myself again soon, but I don’t believe that has changed much, with a concentration on getting the automatically generated local security checks. With that in mind, I do not think the Nessus 2 packages should be removed at this time, and should continue to be available in parallel to OpenVAS. Simon -- A complex system that works is invariably found to have evolved from a simple system that works.—John Gall
Attachment:
signature.asc
Description: Digital signature