Q: Nessus 3 (http://news.com.com/Nessus+security+tool+closes+its+source/2100-7344_3-5890093.html?tag=nefd.hed) will be closed source. Nessus 2 will continue to be offered, and plug-ins should be back compatible.
Apparently the author does not like people using the license he opted against the company he founded four years after creating nessus. : P
The famous Fyodor (http://www.insecure.org/nmap) reacted with these (http://marc.theaimsgroup.com/?l=nmap-hackersu0026m=112855443819798u0026w=2) message. He has some good points and suggestions.
Some people think of a fork (http://marc.theaimsgroup.com/?l=nmap-devu0026m=112861190807778u0026w=2) 0.
Check Point Software Technologies to acquire Sourcefire (http:// marc.theaimsgroup.com /? l = snort-announceu0026m 112860007500248u0026w = = 2). This should not affect the open snort we all use and love it: shocked:
Interesting interesting news .
Best Answer: Ok, here's how to change the admin account password. First click start>run, then type in "cmd" (without quotes) and press enter. Now at the command prompt, Type "net user [type account name here] *"
now type a password and its changed! If you want any better explanation, go to http://www.youtube.com/watch?v=jQvO0Xp5O… and watch the video.
Re:Originally posted by: guy
This is bad news for OSS and all security people, so if there is an open source tool you use i suggest you contribute to it before it disappears…
Well, all software is really an "organic" creation. Stop watering and feeding it, and it will die. You can water with money, to pay for someone else's labor, or water with your own labor, but it must be looked after regardless.
Re:Originally posted by: guy
Originally posted by: guy
As long as the machine outside the network can reach the machines inside the network, it should work just fine.
Well, actually that is why I said earlier to have one machine outside the network and one machine inside the network (as opposed to trucking it on a laptop). I suppooooose I could but two nics in it, one outside the network and one inside, buuuuuut I don't like that idea. 
I know that's what you said, but I assumed NAT. 
Re:Originally posted by: guy
As long as the machine outside the network can reach the machines inside the network, it should work just fine.
Well, actually that is why I said earlier to have one machine outside the network and one machine inside the network (as opposed to trucking it on a laptop). I suppooooose I could but two nics in it, one outside the network and one inside, buuuuuut I don't like that idea.
Re:Originally posted by: guy
Originally posted by: guy
You could have one outside your network scan your external IPs, and one inside scan your internal IPs. Toss it on a laptop and it can do both.
Well, what I was thinking was… It can probably update on a schedule? And then, maybe I can have it scan on a schedule? like once a month? Then I can collect the reports, make sure no rogue machines have been added to our network, and check for any new vulnerabilities inside our network and from the internet.
As long as the machine outside the network can reach the machines inside the network, it should work just fine.
I'm not sure how cronable it is though, I've only tried the X11 client.
Re:Originally posted by: guy
You could have one outside your network scan your external IPs, and one inside scan your internal IPs. Toss it on a laptop and it can do both.
Well, what I was thinking was… It can probably update on a schedule? And then, maybe I can have it scan on a schedule? like once a month? Then I can collect the reports, make sure no rogue machines have been added to our network, and check for any new vulnerabilities inside our network and from the internet.
Re:Originally posted by: guy
hmmm, never heard of nessus before (it's not like I'm a dedicated IT security specialist or anything). I'll have to put it in my Track-It list to check it out!
So let me run this by you:
Let's say I set up a server and set it outside our firewall, on the internet, and have it run a test against all our internet IPs.
Then, how about I set up a second server and put it inside our network and have it run scans on all our internal servers, maybe even all our internal IPs, workstations and everything!
Browse the reports.
…
Profit?
Is this typically how this program is used?
You could have one outside your network scan your external IPs, and one inside scan your internal IPs. Toss it on a laptop and it can do both.
It'll scan for vulnerabilities and give you a report on what it found. You then have to track down all of the little things to see if there is really a vulnerability there or not.
Re:Interesting news indeed!
Re:posted by legendary hacker fyodor:
When asked why they are making this change, Renaud replied to the
Nessus list today that open source hasn't really worked for Nessus
because "virtually nobody has ever contributed anything to improve the
scanning _engine_ over the last 6 years." This may be the most
important and useful point we can take from this change. Open source
really is a two-way street. The only way we (open source projects)
can seriously compete with projects staffed by dozens or hundreds of
paid full time developers is by having hundreds or thousands of
volunteers each contributing a little bit part time.
This is bad news for OSS and all security people, so if there is an open source tool you use i suggest you contribute to it before it disappears…
Re:hmmm, never heard of nessus before (it's not like I'm a dedicated IT security specialist or anything). I'll have to put it in my Track-It list to check it out!
So let me run this by you:
Let's say I set up a server and set it outside our firewall, on the internet, and have it run a test against all our internet IPs.
Then, how about I set up a second server and put it inside our network and have it run scans on all our internal servers, maybe even all our internal IPs, workstations and everything!
Browse the reports.
…
Profit?
Is this typically how this program is used?
0 Comments.