GPL Nessus Forks
In case you have missed the announcement, Tenable security has made the decision of commercializing the popular Nessus security scanner within the next month.
As a result, a project group has been formed to release a GPL fork of the Nessus security scanner in the future. This product will probably undergo a name change to prevent problems with support between the commercial scanner and the new GPL fork. In the meantime, it is located at http://www.gnessus.org/doku.php .
Additionally, Handler Kevin Liston noted that another GPL nessus project is located at http://porz-wahn.berlios.de/homepage/about.php .
Two more GPL projects to mention:
Segusius (located at http://sourceforge.net/projects/segusius )
GPL Nesus Checks (located at http://sourceforge.net/projects/gplnessuschecks )
(Thanks Schneelocke for reporting these)
--
Scott Fendley
Handler on Duty
Pedro's Malware Analysis Quiz
--
Scott Fendley
Handler on Duty
Entertaining Bug in Microsoft Word
For those thinking "Where is the security implication of this?", take this as an editorial on software complexity and its connection to security flaws. As software has become more complex, we have seen more and more security flaws found. Simple enough, right? To restate it a little differently, software complexity and flaws detected are directly related. This may not always stay the case, but that is common wisdom in today's world. (Side note: This is not a gripe against Microsoft and should not be read in that light. This is just as relevant to any software vender.)
In this increasingly complex software, how many flaws are there which have remained undetected for years? How many very simple oversights, like the one above, exist in more sensitive modules with security ramifications? How long can a minor flaw stay undetected in popular software packages?
To me, this is a very sobering thought, especially considering the number of ecommerce or medical sites on the Internet today. Somehow, I will not let it make me loose sleep over the (in)security of my private information on the Internet.
For those that have a large amount of copious spare time, feel free to send in other single-word examples of the above to our attention. Hyphenated words are troublesome to native speakers much less computers. If you find any words, please also submit what version of Word exhibited this issue. We will try to find an appropriate contact within Microsoft to send the examples.
Comments