[prev in list] [next in list] [prev in thread] [next in thread]
List: nessus
Subject: Call for beta-testers
From: Renaud Deraison <deraison () nessus ! org>
Date: 1999-03-21 9:45:15
[Download RAW message or body]
Hi !
The next release of Nessus is slowly coming along, with its new features
and bug corrections. Since I plan to release it for the 4th April (the
birthday of the first public release), I'd grateful to anyone who could
try to compile nessus-devel.
1. How to get the latest nessus-devel :
------------------------------------------------------------------------
FTP :
ftp://ftp.nessus.org/pub/nessus/nessus-devel/
ftp://cvs.nessus.org/pub/nessus/nessus-devel/
and
ftp://ftp.esiea.fr/pub/mirrors/nessus/nessus-devel/
(not up-to-date yet)
Be sure to get the version 990321 and the newers
CVS :
See http://cvs.nessus.org/manual.html for details, and
be sure to use the option "-r nessus-devel"
2. The new features that this version brings :
--------------------------------------------------------------------------
- Several port-scanners (TCP FIN/ACK/.... and UDP scan)
- Plugins-preferences
- Public-key authentification for the client (1)
- Better pthreads support (2)
- A basic sniffer (which detects dangerous services being
used)
- Plugins dependencies
- Smarter attacks (3)
- Better configure script
- A new library which replaces the hostsloop library (4)
- A smarter install script
- includes the utility nsr2html which converts .nsr reports
to HTML
- Now installs in /usr/local
- the libpcap is included in the source tree
- The cipher support is now enabled by default
- And a lot of little new features
(1) To use this feature, you must create users via the -P option
of nessusd -- nessusd -h for details.
This require the cipher support.
Use the --disable-pubkey-auth option to not test this feature
(2) I could not test this one extensively
(3) Nessus used to consider that the FTP servers were all on port 21,
www servers on port 80 and so on, so it would fail to attack
a host running a web server on port 5000, or a host with a POP3 server
on port 1100
This is not true any more, a plugin has been designed to guess which
service is running on which port, and it shares its results with the
other plugins.
(4) This library (hosts_gatherer) is in charge of the host expansion
options. It now supports CIDR addresses (which means that you can
test your_host_name/29) but has not been extensively tested yet, so
I welcome tests against big networks.
Also, the NFS expansion has not been added in this library yet.
3. What I expect everyone to do :
------------------------------------------------------------------------
- Download nessus-devel
- Compile it
- And report me the compilation error / bugs / SIGSEGV
encountered
People running Linux and Solaris are welcome to test the --enable-pthreads
option of the configure script and report me whether it works or not.
4. How you can help
--------------------------------------------------------------------------
If someone here could update the manual page, it would be of a
great help. Also, if someone could turn the document doc/plugins_api into
a TeX document, that would be great (this one is not difficult but I admit
it's boring).
Thanks for your help, and I hope that your reports (success or failure)
will help to build a good alpha2.
Thanks,
-- Renaud
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic