[prev in list] [next in list] [prev in thread] [next in thread] 

List:       nessus
Subject:    Re: How to tell what's new
From:       Bob Babcock <rbabcock () cfa ! harvard ! edu>
Date:       2007-05-31 15:18:20
Message-ID: 200705311518.l4VFIKkd023619 () cfa0 ! cfa ! harvard ! edu
[Download RAW message or body]

> > I use Nessus for Windows.  I turn off some of the plugins in some families
> > so I see mostly vulnerabilities in my reports.  But once you start selecting
> > individual plugins rather than families, plugin updates become a problem.
> > You don't know what's new, so you have to review the plugin lists.  Is there
> > a way to tell what's changed or new?  All the plugins get the current date
> > when I update.  I suppose I could make a copy of the plugin directory and use
> > a differencing program, but it seems there should be a better way.
> 
> Hi Bob,
> 
> Have you considered the RSS plugin feed?
> 
> http://www.nessus.org/rss-plugins.xml
> 
> This is updated as soon as Tenable releases a new plugin.

There's certainly useful info in this feed, but it isn't directly coupled to
the state of installed plugins on my scanning pc.  I make the problem worse
by only using Nessus intermittently.  (We use mainly Shavlik for scanning and
deploying to Windows machines, but Nessus checks for things that Shavlik does
not.)

I did try making a copy of the plugins directory, updating plugins and
running WinMerge (http://sourceforge.net/projects/winmerge/) to see what
changed.  It worked much better than I expected.  In particular, comparing
the plugins by content took only a few seconds.  This will meet my needs.
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
[prev in list] [next in list] [prev in thread] [next in thread]