Security Basics mailing list archives
RE: Architecture of NESSUS
From: "Rocky Heckman" <rocky.he () g-wizinnovations com>
Date: Mon, 07 Nov 2005 19:37:11 -0700 (PDT)
With all due Respect, I'd have to agree with Clement. If you want to know how Nessus does all this stuff, download the code (http://cvsweb.nessus.org/cgi-bin/viewcvs.cgi/ ) read it and learn what it does. I'm not trying to be cruel here, but if you can't read the code, and figure out how it works, you have almost zero chance of being able to write one that even works much less is better. Study Nessus. It hasn't been the best vulnerability scanner for so long without reason. RH ---------- Original Message ------------- Subject: RE: Architecture of NESSUS Date: Mon, 7 Nov 2005 10:16:19 -0500 From: "Clement Dupuis" <cdupuis () cccure org> To: <koreshicsi () inbox ru>, <security-basics () securityfocus com> Good day to the Boffins, I do not want to be a pessimist but I do not understand how you could come out with a better replacement that is simpler if you cannot answer your own questions below. This is all very well documented and by looking at the code you will be able to find out exactly how it is currently done. I guess your first step would be to study what is currently being done, come out with how can it be done better, and then start coding using your group and the community input. Best of luck Clement
-----Original Message----- From: koreshicsi () inbox ru [mailto:koreshicsi () inbox ru] Sent: Saturday, November 05, 2005 7:13 AM To: security-basics () securityfocus com Subject: Re: Architecture of NESSUS Good time of you... We is group of boffins, who want to do more simple scanner then NESSUS. Now there isn't leader of scanners, we want to try to do it. Help us. we need to know the details about NESSUS vulnerability scanner. Like. 1. The ARCHITECTURE of nessus(nessus client and daemon). 2. How nessus is using different O/S tools like, NMAP, HYDRA.. 3. Which module is responsible for what? means which module of nessus is interacting with NMAP, which is for HYDRA and HOW? 4. Which module is responsible for customization to scan. 5. How to write plug in for nessus and also enable and disable the plug-in(not by using UI) 6. How to customize the report generation of nessus. 7. How can one integrate nessus with IDS to correlate the report and alert to reduce false alert . 8. How each and every module is interacting with each-other.
-- Rocky Heckman Director G-Wiz Innovations Pty Ltd
Current thread:
- Re: Architecture of NESSUS koreshicsi (Nov 07)
- RE: Architecture of NESSUS Clement Dupuis (Nov 07)
- Re: Architecture of NESSUS Aaron Phillips (Nov 08)
- Re: Architecture of NESSUS Li Yinchao (Nov 09)
- <Possible follow-ups>
- RE: Architecture of NESSUS Rocky Heckman (Nov 08)