Re: Nessus free version cancelled, now $1200/year

[Fyodor <fyodor () insecure org>]

On Thu, May 22, 2008 at 10:27:42AM +0200, Renaud Deraison (lists) wrote:
>  
> In terms of contents, we try to keep the two feeds as close from each  
> other as possible. The SCADA and Compliance/Contents Checks are two  
> notable exceptions, and frankly I doubt home users would use them :

All I meant in describing the home feed as "crippled" compared to the
paid feed was that it had fewer plugins (plus the licensing
restrictions which prevent any sort of business use).  It may indeed
still be useful for the home users for which it is intended.

> - The compliance/contents checks are used for regulatory purposes  
> where you can prove to an auditor that every system on your network  
> matches a security policy you defined. This requires time to describe  
> your security policy into a format we call ".audit" files.

Doesn't Nessus come with pre-written audit policies such as CERT
recommendations and NSA best practices?  Those sound like they could
be useful for home users, but admittedly I've never used the feature
so I don't know for sure.

> The chart you are referring to is available at :
>
> http://www.nessus.org/documentation/index.php?doc=faq#anchor54
>
> It currently talks about our current offering (Direct vs Registered  
> Feed). When our policy change goes into effect on July 31st, the chart  
> will be updated to remove the 7 days delay.

Actually you already have a more up-to-date chart in your new feed
FAQ, which is the one I was referring to:

http://www.nessus.org/documentation/index.php?doc=feed-faq#anchor6

Cheers,
Fyodor

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org