Re: [ISN] "Nessus calls home"? Facts of the matter.

From: InfoSec News (isnat_private)
Date: Fri May 10 2002 - 01:35:46 PDT

  • Next message: InfoSec News: "[ISN] FIRST 2002 reminder"

    Forwarded from: bschnzlat_private
    Cc: deraisonat_private
    
    How 'bout letting us specify our own domains, making example.com the
    default, and putting a notice in the results!
    
    You could use nessus.org as the default to make sure DNS did not get
    in the way.  The notice in the results would make that legit.
    
    In a message titled [ISN] "Nessus calls home"?  Facts of the matter. ,
    on 9 May 2002 at 2:06, InfoSec News sent these words:
    
    > Forwarded from: Jay D. Dyson <jdysonat_private>
    > 
    > -----BEGIN PGP SIGNED MESSAGE-----
    > Hash: SHA1
    > 
    > Courtesy of Renaud Deraison (forwarded with permission).
    > 
    > I believe this should be given wide dissemination to dispel the rumors
    > that flew around CanSecWest.  -Jay
    > 
    > 
    > - ---------- Forwarded message ----------
    > Date: Wed, 8 May 2002 16:50:09 +0200
    > From: Renaud Deraison <deraisonat_private>
    > To: nessusat_private
    > Subject: "Nessus calls home"
    > 
    > Hi,
    > 
    > I attended CanSecWest last week and I was told there were rumors of people
    > complaining about Nessus "calling home" when doing a scan. 
    > 
    > In order to clear the confusion, here's a small explanation of what Nessus
    > does, followed by a short poll asking you what you'd prefer it to do. 
    > 
    > First, let me emphasizes something : Nessus does *not* call home. It never
    > does, never did and never will. 
    > 
    > However, the checks have a side effect that may have the naughty side
    > effect to sending some packets to nessus.org, which can make people think
    > I have the ability to monitor their scans - here's the list : 
    
    [...]
    
    Bill Scherr IV, GSEC, GCIA
    Electronic Warfare Associates / IIT
    Lafayette RTI, Camp Johnson
    Colchester, VT 05446
    802-338-3213
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Fri May 10 2002 - 04:44:02 PDT