Word broke on October 5 that Tenable Network Security, the company founded in 1998 to hold the copyright for Nessus, would not release Nessus 3.0 under the GNU General Public License (GPL). The company said it would continue to maintain the GPLed 2.2.x series, but would not open the source of the impending Nessus 3. By October 10, the GNessUs project launched a fork based on Nessus 2.2.5 and a community quickly began forming around it.

Tim Brown, a penetration tester for Portcullis Computer Security Limited in the UK and founder of GNessUs, said the idea to fork the project came out of conversations with colleagues in the security industry in England.

Brown said that the company's move to drop the GPL for Nessus 3 was no great surprise after Tenable split the plugin streams for the software and ignored concerns by Brown and others that vulnerabilities would be missed because people refused to check the streams for either fiscal or ethical reasons. "My fork is dedicated to that community," Brown said.

The split last December created a three-part stream structure that offered a fee-based "Direct Feed" with the latest vulnerability checks available from Tenable, a delayed feed available to those who registered with Tenable and agreed to Tenable's license agreement for plugins, and a "GPL Feed" with plugins from the user community.

Read this full article at Newsforge

Write Comment
Please keep the topic of messages relevant to the subject of the article. Personal verbal attacks will be deleted. Please don't use comments to plug your web site.. Such material will be removed.
Name:
Title:
Comment:
Code:*

Powered by AkoComment!