> > I use Nessus for Windows. I turn off some of the plugins in some families
> > so I see mostly vulnerabilities in my reports. But once you start selecting
> > individual plugins rather than families, plugin updates become a problem.
> > You don't know what's new, so you have to review the plugin lists. Is there
> > a way to tell what's changed or new? All the plugins get the current date
> > when I update. I suppose I could make a copy of the plugin directory and
> > use
> > a differencing program, but it seems there should be a better way.
>
> Hi Bob,
>
> Have you considered the RSS plugin feed?
>
> http://www.nessus.org/rss-plugins.xml
>
> This is updated as soon as Tenable releases a new plugin.
There's certainly useful info in this feed, but it isn't directly coupled to
the state of installed plugins on my scanning pc. I make the problem worse
by only using Nessus intermittently. (We use mainly Shavlik for scanning and
deploying to Windows machines, but Nessus checks for things that Shavlik does
not.)
I did try making a copy of the plugins directory, updating plugins and
running WinMerge (http://sourceforge.net/projects/winmerge/) to see what
changed. It worked much better than I expected. In particular, comparing
the plugins by content took only a few seconds. This will meet my needs.
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
|