Hi, I just proposed to include OpenVAS as a package to OpenSUSE [1]. As said there, the current Nessus package in fact violates the license of Nessus server and should either be distibuted without SSL or removed. While the Nessus-fork OpenVAS offers the same or even improved base technology, the actual value of such a tool is related to the extend/quality of the test routines (called "plugins" in Nessus and "NVTs" in OpenVAS). So far, OpenVAS has established a upto-date stream of so-called "local security checks" for GNU/Debian. It make sense to extend this to other distributions as well and of course SUSE comes to mind as it occurs in enterprise environments. Are there any opinions here whether/how to establish a stream of NVT's for the SUSE SAs? (Of course I have some ideas about "how" :-) Best regards Jan [1] http://en.opensuse.org/Wishlist_Network#O -- Dr. Jan-Oliver Wagner Intevation GmbH, Osnabrück Amtsgericht Osnabrück, HR B 18998 http://www.intevation.de/ Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security+help@opensuse.org