Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [RFC] Vulnerability library proposal

From: Djalal Harouni <tixxdz () opendz org>
Date: Tue, 9 Aug 2011 02:48:58 +0100
On Tue, Aug 09, 2011 at 11:13:02AM +1000, Christian Heinrich wrote:

Djalal,

On Tue, Aug 9, 2011 at 12:08 AM, Djalal Harouni <tixxdz () opendz org> wrote:

We are designing this NSE vulns library to be flexible, so users can use
their own DB like this 'Vuln::DB' or the 'OSVDB' etc. Perhaps Nmap will
even have its own database ?


I would prefer if nmap didn't compete with OSVDB, rather leverage
their data and contribute any errors in QA of the nmap results.

I think that Fyodor prefers that Nmap has its own DB.

I'm note sure about this:
I think that Nmap will not include any external DB, we'll just write
some scripts to query webservices or local DBs if they are present
(if they were previously downloaded by users).


I am lead to believe that the revenue from Vuln::DB is invested in the
development of Dradis.  Maybe nmap contributing to the development of
Vuln::DB could ne negotiated?

I don't know. Fyodor is the person who can answer these questions.

Thanks Christian.

-- 
tixxdz
http://opendz.org
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: