|| ||Renaud Deraison <deraison-AT-nessus.org>|
|| ||Re: Nessus Roadmap / Nessus 3.0.0rc1 testers wanted|
|| ||Wed, 5 Oct 2005 13:13:52 -0400|
On Oct 5, 2005, at 12:53, Nordwall, Douglas J wrote:
>> Nessus 3 will be available free of charge, including on the Windows
>> platform, but will not be released under the GPL.
> Could you go into some of the reasons why this license change is
> taking effect? I'm sure that "business reasons" were involved in
> it, but if you can, I would like to hear more detailed reasons. If
> there are some technical or licensing reasons, I would be
> interested as well, as I know there are sometimes functionalities
> that would greatly improve a product that you cannot simply include
> because they belong to someone else.
Virtually nobody has ever contributed anything to improve the
scanning _engine_ over the last 6 years. I'm not talking about shoe-
horning DB support in nessusd, but really to contribute things which
make the scans faster, or Nessus more powerful.
Michel Arboi, a friend of mine, is one exception to that, and Nicolas
Pouvesle, a colleague at Tenable, is another exception to that.
A number of companies are _using_ the source code against us, by
selling or renting appliances, thus exploiting a loophole in the
GPL. So in that regard, we have been fueling our own competition and
we want to put an end to that. Nessus3 contains an improved engine,
and we don't want our competition to claim to have improved "their"
> I do not envy your support headache. Having supported a variety of
> unixes, I know that developing for many of them can be quite
It's actually making things simpler. Some distributions (ie: Debian)
apply unapproved patches to Nessus, which make things virtually
impossible to support when they do not break functionality. There is
also some random users compiling Nessus on estoric hardware or
operating system or both, which makes things also impossible to support.
> I am also guessing that the plugins will remain open for viewing at
Yes. A huge majority of the plugins will continue to be distributed
in the same way as today.
> I am also guessing that the policy compliance plugins may not be
> open for viewing.
Yes. This is the small minority.
Nessus mailing list
to post comments)