john.r.moser at gmail.com
Mon Apr 2 19:41:43 CEST 2007
Will OpenVAS continue to utilize Nessus libnasl from the Nessus open
source client, and remain compatible with Nessus plug-ins? I believe
staying API-compatible with Nessus libnasl will be a strong move, as
Tenable gives us a very good vulnerability plug-in stream.

It may be wise to work with Tenable to concoct an RFC for NASL. A
standardized Network Attack Script Language would allow other projects
similar to this or Metasploit to take advantage of a standard method of
creating attack scripts. Consideration on extension of the language to
support operation as Metasploit does may also prove interesting (i.e.
have NASL support giving plug-ins hooks that allow connecting together a
scan with an exploit, and an exploit with a payload; while scanning, a
safe scan would not use an exploit and a more reliable scan would use an
exploit connected to a payload that just ack'd back a message like
"Attack Confirmed" and closed the connection).

I am not sure how open Tenable will be to RFCing NASL. They
closed-sourced Nessus because everyone else was slapping their name on it.
Ideally, the Nessus subscription feed would give Tenable revenue;
however, this didn't happen. I don't know what to do about that... they
have a business to run, they had obvious problems with what was
happening, and we can't really fault them. As an end-user, I don't want
to lose Tenable as a valuable source of vulnerability scanning plug-ins.