Subject: Nessus 3.0's failed community
From: Brian Behlendorf <>
Date: Sun, 27 Nov 2005 04:42:51 -0800 (PST)

So, is this an example that the open source approach isn't guaranteed to 
work no matter how "open" you are, or did Ron fail to provide both the 
processes and motivations to facilitate outside contribution?  It always 
surprises me when I hear certain open source companies brag about the fact 
that they get no outside contributors, or they have to rewrite everything 
that people offer them anyways, like that's some mark of success.  Isn't 
it instead a competitive weakness?  If you have to invest everything 
necessary to create a quality product, and all your service competitors 
have to do is learn how your product works....


---------- Forwarded message ----------
Date: 26 Nov 2005 23:26:04 -0000
Subject: Nessus 3.0 discussed
Posted by: ScuttleMonkey, on 2005-11-26 21:33:00

    An anonymous reader writes "Nessus is one of the world's most popular
    (open source) vulnerability scanners, used in over 75,000
    organizations world-wide. Many of the world's largest organizations
    are realizing significant cost savings by using Nessus to audit
    business-critical enterprise devices and applications. With the recent
    news of [1]going closed source Ron Gula took a few minutes to [2]talk
    to SecurityFocus. From the article: 'I speak to a lot of different
    open source project managers and they say similar stuff -- it's mostly
    free users and not really code contributors.' What would happen now?
    Nessus 3 will provide an average 5x speed improvement compared to the
    old, but open source, 2.x version, and a lot of new features."