|| ||Javier Fernández-Sanguino Peña <jfs-AT-computer.org> |
|| ||Debian Security <debian-security-AT-lists.debian.org> |
|| ||Nessus to be removed from Debian, please switch to OpenVAS |
|| ||Sun, 2 Aug 2009 20:03:06 +0200|
|| ||Article, Thread
I've recently requested Debian Ftp maintainers  to remove from the archive
Nessus and all its related packages (nessus-core, nessus-libraries, libnasl
and nessus-plugins). The main reason for this is that upstream is more
focused in maintaining it's non-free version of Nessus (labeled version '3')
than the free version (the 2.2.x branch). Additionally, most of the plugins
(i.e. security tests) are now non-free.
I encourage people that are looking for an alternative to Nessus to switch to
OpenVAS (Open Vulnerability Assessment Scanner) which is a Nessus fork (based
on the 2.2.x branch) that is actively being maintained and is now available
No "smooth" transition will be provided from Nessus to OpenVAS, those that
need to switch can, however, possibly reuse the certificates, scanner
knowledgebase and custom NASL scripts used with Nessus with OpenVAS too.
Both tools can even be installed side-by-side since the OpenVAS server uses a
different port than the Nessus one.
Installing OpenVAS is Debian easy. To get both the server and the client just
aptitude install openvas-server openvas-client
Currently the OpenvAS release in Debian's unstable  distribution (2.0.1)
does not provide a way to easily download the plugins from the Internet.
Packages for the next release (2.0.3) have been worked on at the Debconf and
will be available really soon. With this release you can download the plugins
running (as root) 'openvas-nvt-sync' as described in
If you need help on the migration from Nessus or what more information on the
Debian OpenVAS packages please use OpenVAS' mailing list (in CC:) or the
general user-oriented mailing lists (see http://www.openvas.org)
 See the BTS: #534501, #534502, #534505, #534506
 OpenVAS in the stable (lenny) release is somewhat dated (1.0.2 version)
but backports are being made available too.
to post comments)