Hi,
I don't know if what I am proposing is of any practical use. I plan to
add a database back end to nessus so that the current KB which is
stored in a file is stored in a DB. Some more modifications that I
plan are to get all the config options from a config file also, if
available so that nessusd can be made an independent daemon with out
the client, checking any given network from the config continously.
The database can be queried by a web front end to produce reports
which can give the summary of the problems found in any given time
frame. This will transform nessusd to some thing similar to snort with
DB back end (in the way the daemon runs and not in function)
One use of this functionality is when security scanning is done
remotely by an out source agency and the suites wants to see things like
how many times the network was scanned and how many vuln was found
out in a particular period of time etc...
Is any work going on to change the NTP to some other protocol? I have
one of my friend who is interested in taking up that work. He is
looking at using the BEEP framework (www.beepcore.org) to build the
replacement for NTP.
Any feed back in this is most welcome, most importantly please tell me
if this a really stupid idea :)
Wish you all a Happy and Safe New Year!!!
raj
I don't know if what I am proposing is of any practical use. I plan to
add a database back end to nessus so that the current KB which is
stored in a file is stored in a DB. Some more modifications that I
plan are to get all the config options from a config file also, if
available so that nessusd can be made an independent daemon with out
the client, checking any given network from the config continously.
The database can be queried by a web front end to produce reports
which can give the summary of the problems found in any given time
frame. This will transform nessusd to some thing similar to snort with
DB back end (in the way the daemon runs and not in function)
One use of this functionality is when security scanning is done
remotely by an out source agency and the suites wants to see things like
how many times the network was scanned and how many vuln was found
out in a particular period of time etc...
Is any work going on to change the NTP to some other protocol? I have
one of my friend who is interested in taking up that work. He is
looking at using the BEEP framework (www.beepcore.org) to build the
replacement for NTP.
Any feed back in this is most welcome, most importantly please tell me
if this a really stupid idea :)
Wish you all a Happy and Safe New Year!!!
raj