[openvas-discuss] Contributions (fwd)
mweber at alliednational.com
Mon Nov 7 23:19:15 CET 2005
>>>> Adam Jones <ajones1 at gmail.com> 11/07 10:45 AM >>>
>Sorry guys if this breaks threading on the messages, been looking at
>this through list archives.
I second the apology since I'm responding in like kind...
>I agree that the stable/unstable/testing classification will be
>for plugins. Although some of the categorization features available
>sourceforge are awesome, I think it would turn out to be more
>than it is worth.
Could we consider a two dimensional classification? One side being
stable/unstable/testing and the other being safe/caution/dangerous?
For some of the work I do, living on the bleeding edge is fine and I
grab everything. Other times, I need stability and safety. Some of
customers demand the stability, and the latest tests. It would be
very nice to be able to download the plugins that match just the
I need for the job.
>I also think that auditing should be structured around where a plugin
Accountability is a GOOD thing!
>I know this adds extra work to the project. I think that, given the
>community response to this effort, the people are there to do it.
>Someone earlier said that getting new plugins is essential to the
>success of openvas, and I would like to add that providing a measure
>of quality assurance to the plugins is just as important.
I would also like to see if there is a way to prevent plugin-bloat.
9000+ tests sounds good, until you find out you need more than a
weekend to run the scan on a larger network. Having goals of not
duplicating any tests and not running unnecessary tests would be
E-MAIL CONFIDENTIALITY NOTICE: This communication and any associated
file(s) may contain privileged, confidential or proprietary
information or be protected from disclosure under law ("Confidential
Information"). Any use or disclosure of this Confidential Information,
or taking any action in reliance thereon, by any individual/entity
other than the intended recipient(s) is strictly prohibited. This
Confidential Information is intended solely for the use of the
individual(s) addressed. If you are not an intended recipient, you
have received this Confidential Information in error and have an
obligation to promptly inform the sender and permanently destroy,
in its entirety, this Confidential Information (and all copies
thereof). E-mail is handled in the strictest of confidence by
Allied National, however, unless sent encrypted, it is not a secure
communication method and may have been intercepted, edited or
altered during transmission and therefore is not guaranteed.
More information about the Openvas-discuss