Dear nessus developers,
the German BSI (Federal Office for Information Security)
contracted us (the companies Intevation and DN-Systems
Enterprise Internet Solutions) to develop an easy-to-use
security analysis system as Free Software under GNU GPL
additionally localized for German language.
BSI wants this solution primarily for its own purposes
and for other authorities for which they are some kind of
service provider.
Our plan is to not develop a system anew but to build upon
Nessus instead. This gives us now the opportunity to
contribute all developments to the Nessus project.
Thus note that BSI did not contract for Nessus development
officially. It just happens that our works can be
incorporated. Please keep BSI's role low - I do not want
the press or other people to draw a wrong picture.
The title of our project is "BOSS".
The core features planned are:
- I18N (gettext) for client and server including full
translation into German (but excluding a translation
of the plugins for now)
- re-design the client GUI and extend it with e.g. menus,
toolbar and tree-structure for input/output data.
- migrate to GTK2
- make sure the client works on Microsoft Windows as well
- extended report generation (PDF)
Furthermore we plan to create another component that we call
SLAD, Security Local Auditing Daemon. SLAD can be installed
on GNU/Linux systems and run tools like John-the-Ripper,
chkrootkit, virus scanners or tripwire. A module for nessusd
will make the management of this available for the nessus
client.
We will do all developments openly and welcome any
discussion, comments and suggestions from the current
development team.
So far, we would like to avoid our project to be announced
to the press. We prefer to have solid first results first.
Note that we also contracted Renaud for supporting us in
conceptual and technical questions, i.e. to tell us what
could go into main development or what would be rejected.
All the best
Jan (BOSS Project Coordinator)
--
Jan-Oliver Wagner http://intevation.de/~jan/
Intevation GmbH http://intevation.de/
the German BSI (Federal Office for Information Security)
contracted us (the companies Intevation and DN-Systems
Enterprise Internet Solutions) to develop an easy-to-use
security analysis system as Free Software under GNU GPL
additionally localized for German language.
BSI wants this solution primarily for its own purposes
and for other authorities for which they are some kind of
service provider.
Our plan is to not develop a system anew but to build upon
Nessus instead. This gives us now the opportunity to
contribute all developments to the Nessus project.
Thus note that BSI did not contract for Nessus development
officially. It just happens that our works can be
incorporated. Please keep BSI's role low - I do not want
the press or other people to draw a wrong picture.
The title of our project is "BOSS".
The core features planned are:
- I18N (gettext) for client and server including full
translation into German (but excluding a translation
of the plugins for now)
- re-design the client GUI and extend it with e.g. menus,
toolbar and tree-structure for input/output data.
- migrate to GTK2
- make sure the client works on Microsoft Windows as well
- extended report generation (PDF)
Furthermore we plan to create another component that we call
SLAD, Security Local Auditing Daemon. SLAD can be installed
on GNU/Linux systems and run tools like John-the-Ripper,
chkrootkit, virus scanners or tripwire. A module for nessusd
will make the management of this available for the nessus
client.
We will do all developments openly and welcome any
discussion, comments and suggestions from the current
development team.
So far, we would like to avoid our project to be announced
to the press. We prefer to have solid first results first.
Note that we also contracted Renaud for supporting us in
conceptual and technical questions, i.e. to tell us what
could go into main development or what would be rejected.
All the best
Jan (BOSS Project Coordinator)
--
Jan-Oliver Wagner http://intevation.de/~jan/
Intevation GmbH http://intevation.de/