[ISN] "Nessus phones home": the final report.

From: InfoSec News (isnat_private)
Date: Mon May 20 2002 - 03:22:00 PDT

    Forwarded from: Jay D. Dyson <jdysonat_private>
    
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1
    
    Forwarded with permission of Renaud Deraison.
    
    - ---------- Forwarded message ----------
    Date: Fri, 17 May 2002 19:57:22 +0200
    From: Renaud Deraison <deraisonat_private>
    To: nessusat_private
    Subject: Re: "Nessus calls home"
    
    On Wed, May 08, 2002 at 04:50:09PM +0200, Renaud Deraison wrote:
    > I attended CanSecWest last week and I was told there were rumors of
    > people complaining about Nessus "calling home" when doing a scan.
    
    Thanks to everyone who replied to me on this issue. I was surprisingly
    overwhelmed with answers, so please forgive me if I did not reply to you
    personally.
    
    To sum up the replies: a vast majority of people don't care, but everyone
    agreed that a user-definable third party domain was the way to go.
    
    In Nessus 1.2.1 (or the current CVS snapshot), a new option now appears in
    the 'plugin prefs' tab, and is set to "nessus.org" by default. Users can
    change it to something else, so privacy issues should be somewhat
    resolved. 
    
    I modified more plugins than what I thought would be necessary - I'd like
    to thank Thomas Reinke for sending me a list of plugins that used
    "nessus.org" in one way or another (there were more than what I thought,
    mostly because of laziness on my part). People interested in the full list
    can go to cvs.nessus.org and look for the plugins whose commit log is
    "privacy". 
    
    While I apologize to those who have felt threatened by this issue, I
    sincerely regret the fact that they did not voice their concerns directly
    to me (even though I was attending CanSecWest, and the person who spread
    the rumor too), and preferred to go the sneaky way about this.
    
    Hopefully, the incident is over in CVS, and will be in Nessus 1.2.1. 
    
    				-- Renaud
    
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.0.7 (TreacherOS)
    Comment: See http://www.treachery.net/~jdyson/ for current keys.
    
    iD8DBQE85p/5GI2IHblM+8ERAjRDAJ9vMkip1mnHTHLtuzHkNAi0swb+bACfZjpK
    Tqb+X88SSFdYy0iV/wJt5pY=
    =cMBR
    -----END PGP SIGNATURE-----
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Mon May 20 2002 - 06:10:11 PDT