ChangeLog for nessus-core, nessus-libraries, nessus-plugins, libnasl $Id: CHANGES,v 1.169 2002/02/24 10:28:29 renaud Exp $ 1.1.13 : . changes by Michel Arboi (arboi at algoriel.fr) - New family ACT_SETTINGS dedicated to plugins which just let the user enter some preferences - Optional NIDS evasion techniques (url encoding, tcp slicing) . changes by Renaud Deraison (deraison at nessus.org) - Fixed a bug in the command line client which would make it ignore some preferences - SMB checks can now log into a Windows domain - NIDS evasion techniques (data injection, short ttl) - Fixed a bug which would randomly stall the scan 1.1.12 : . changes by Renaud Deraison (deraison at nessus.org) - Workarounds on FreeBSD to prevent a kernel panic (thanks to Michael Scheidell and Stefan Esser) - nessus can export reports as other file formats again 1.1.11 : . changes by Renaud Deraison (deraison at nessus.org) - Fixed a bug regarding the saving of reports from the GUI - Improved the backend in many ways (speed-wise, content-wise) - Changes in the protocol - More messages are sent between the server and the client (timestamps, plugins version, ...) - New .nbe file format, which looks like .nsr but has more information in it - Plugins now have versions numbers. - The user can upload his plugins to the nessusd server from the client - It is now possible to upload files to the server (ie: nmap's results) in command-line mode - Fixed false positives in SNMP plugins when launched against a non-configured Solaris snmpd . changes by Guillaume Valadon (guillaume at valadon.net) - New XML output (the XML layout was defined by Lionel Cons [lionel.cons at cern.ch]) 1.1.10 : . changes by Renaud Deraison (deraison at nessus.org) - Fixed a bug introduced in 1.1.9 which would sometimes prevent a user from aborting an on-going test - Fixed a bug in the client which would prevent the user from setting a port range longer than 255 chars - Fixed bugs in pcap_next() (thanks to Richard van den Berg). Also, pcap_next() is now more flexible. - Fixed a bug in the command line client which would make it close the communication too early when the client - server communication is not ciphered - Added an "auto-load dependencies at runtime" option 1.1.9 : . changes by Renaud Deraison (deraison at nessus.org) - Fix in the GUI, when closing a saved report - Fixed a bug in ftp_log_in() which would prevent nasl script from logging into some FTP servers - Solaris build problems fixed - Darwin 1.4.1 build problems fixed - MkLinux DR3 build problems fixed (is anyone using it anymore ?) - GTK 1.0.x build problems fixed (the use of GTK 1.2 is recommended though) - Fixed the "wrong call to getopt" problem which would make Nessus segfault when built with cygwin, and which would prevent options from working under Solaris & FreeBSD (thanks to Udo Schweigert) - SMB checks speedup (thanks to Georges Dagousset's suggestion) - Fixed a bug in the client - server communication that would make the server close the communication when the client is idle - Better support for AF_UNIX socket for client-server communication (compile nessus-core with ./configure --enable-unix-socket) - Plugins are disabled by default in batch mode . changes by Michel Arboi (arboi at algoriel.fr) - Client now properly checks the certificate of the server . changes by Benoit Brodard (bbrodard at arkoon.net) - fixed bugs in nasl/tcp.c (checksum, handling of unsigned int) 1.1.8 : . changes by Renaud Deraison (deraison at nessus.org) - Workaround for systems with a low number of bpfs (OpenBSD, Darwin) - Added some length checks for SMB checks - No more zombies - Fixed accounts.nes - Fixed the reporting of the client (reports would be mixed) - Client removes tempfiles when exiting - Repaired ptyexecvp() which would not work on Solaris - Slight bugfix in the NASL interpretor . changes by Georges Dagousset (georges at alert4web.com) - More optimizations - Properly reloads KBs with the same value defined more than once - Fixes in some plugins dependencies . changes by Michael Slifcak <Michael.Slifcak at guardent.com> - More nmap options - Quiet mode in nessus-adduser 1.1.7 : . changes by Renaud Deraison (deraison at nessus.org) - Compiles on platforms without OpenSSL - Better Solaris support - Ported under Darwin (many thanks to Dieter Fiebelkorn (dieter at fiebelkorn.net) who actually started the port and helped me test this) - Unscanned ports can now be considered as closed or open (instead of just open), at user choice - Upgraded to libtool 1.4.2 - fixed a bug in the client which would make it display the wrong report when doing multiple scans - enhanced the plugins filter (that appear when pressing 'l' in the GUI) - fixed a serious problem in the SMB plugins which would prevent them to work against Samba and which would make them slow against Windows (pointed out by Georges Dagousset) . changes by Iouri Pletnev (Iouri.Pletnec at xacta.com) - Ported under Cygwin . changes by Michel Arboi (arboi at algoriel.fr) - Added nessus-mkrand for hosts with no /dev/random AND no EGD running 1.1.6 : . changes by Renaud Deraison (deraison at nessus.org) - EGD support for OpenSSL (do ./configure --enable-egd=/path/to/egd/socket in nessus-libraries) - KB items are now stored with individual dates instead of a global date for the whole KB file. Yes, this means you have to delete your old KB files - When an host could not be pinged, his KB is not altered (nor created) - fixed memory leaks in nessusd - nessus-mkcert checks that the certificates were really created before congratulating the user - fixed a security problem where anybody with a shell on the nessusd host could log in 1.1.5 : . changes by Georges Dagousset (georges.dagousset at alert4web.com) : - new KB entries for further "optimizations" - improved find_services.nes . changes by Renaud Deraison (deraison at nessus.org) : - cleaned up the KB - added doc/kb_entries.txt - bugfix in find_services regarding the pem password - new reporting GUI - fixed a problem which would leave some plugin run against a host considered as dead - the KB are now stored with properly escaped \n and \r chars - greatly improved tcp_ping.nasl (and tcp_ping() in libnasl) . changes by Michel Arboi (arboi at algoriel.fr) : - replaced PEKS by OpenSSL in the client/server communication . changes by H D Moore (hdm@secureaustin.com) - fixed no404.nasl 1.1.4 : . changes by Renaud Deraison (deraison at nessus.org) : - fixed find_services.nes - plugins that are slow to finish are _really_ killed by the server - the client better handles the scan of big networks - nmap_wrapper now updates its progress bar - nessus-update-plugins support proxies (with or without authentication) - monitor_backend.c and data_mining.c allow any developer to plug a database behind the client (by default flatfiles are used) - bug fixed in nmap_wrapper which would make it kill its parent process randomly - minor fix in the tcp_ping() function of NASL (ack would be set to non-zero for a syn packet) - fixed Alexis's ftp_write_dirs.nes & ftp_bounce_scan.nes . changes by Michel Arboi (arboi at noos.fr) : - find_services accepts password-protected .pem files - patches in the way files were transmitted between the client and the server (which could end up in a deadlock) . changes by Alexis de Bernis <alexisb at tpfh.org) : - fixed ftp_write_dirs.nes 1.1.3 : . changes by Renaud Deraison (deraison at nessus.org) : - added the plugin 'torturecgis.nasl' which supplies bogus args to the remote CGIs, in order to find the most blantantly broken ones - webmirror.nasl now retrieves the list of arguments of each CGI. - added filter support in the client. Use the key 'l' to filter out plugins you don't want to see. - added the 'safe checks' option which allow the user to not disturb the network (but which weakens the Nessus tests) - disabled backward support for port 3001 - the official port is 1241 now. 1.1.2 : . changes by Renaud Deraison (deraison at nessus.org) : - added the plugin 'webmirror.nasl', which extracts the list of CGIs used by a remote web server (and will do much more). - fixed a problem in NASL due to the SSL patch that would cause a fd leak with some plugins. - added a new plugin category (ACT_DESTRUCTIVE_ATTACK) for plugins that may harm the remote host. - SSL certificates & key can be imported - corrected a bug introduced in 1.1.0 that would make the client not display the name of the plugin currently being run. - sending signal SIGUSR1 to nessusd makes the grandfather process (the one who listens on tcp ports) die without killing its children, thus allowing a smooth upgrade of nessusd - updated config.guess and config.sub 1.1.1 : . changes by Renaud Deraison (deraison at nessus.org) : - fixed mem leaks in NASL - fixed a bug introduced in 1.1.0 regarding recv_line() - fixed a bug introduced in 1.1.0 in the process management of the plugins (all the KB would not be filled, resulting in incomplete tests) - smb_sid2user.nasl is twice as fast ;) 1.1.0 : . changes by Devin Kowatch (devink at SDSC.EDU) : - fixed communication problem between client and server - user-defined timing policy in nmap - nessus-update-plugins uses wget (or any user-supplied command at compilation time) if available. . changes by Michel Arboi (arboi at bigfoot.com) : - support for the -T option of nmap - SSL support . changes by Zorgon (zorgon at antionline.org) : - support for the --os_guess option of nmap . changes by Renaud Deraison (deraison at nessus.org) : - the user can upload files to plugins through the client (ie: it is possible to upload nmap's results directly to the nmap plugin) - tests can be run in parallel now - each user is now granted a home by nessus-adduser - added nessus-rmuser - per users plugins 1.0.7 : . changes by Jordan Hrycaj (jordan at nessus.org) : - added support for iana port 1241 while 3001 open at the same time, nin-compat mode (disabling 3001) as an experimantal configure option - nessus-adduser allows to create local users with immediate key exchange (no passphrase procedure needed) - nessusd allows to specify user logins with netmasks (as with the public key tags and passwords) in the nessusd.users file - some options added to nessus, and nessusd - you can force the compilation/installation of the getopt_long() function(s) by a configure option . changes by Renaud Deraison (deraison at nessus.org) : - http virtual hosts can now be tested - user-modifiable per-plugin timeout - detached scans can now be stopped from the client - fixed issues in detached scan - implemented plugins_reload() which loads new plugins in memory - get_host_name() returns the name of host, as entered by the user (and not a resolve(ip(name_of_host))) - added the function cgibin() in NASL, which returns the paths to use to get to the CGIs (default : /cgi-bin) . changes by Loren Bandiera (lorenb at shelluser.net) : - XML output improved 1.0.6 : . changes by Renaud Deraison (deraison at nessus.org) : - detached scans can send their result to a given email address (experimental, see http://www.nessus.org/doc/detached_scan.html) - diff scan (experimental - see http://www.nessus.org/doc/diff_scan.html) - probably fixed a bug which would prevent, under rare circumstances, a scan to finish - NASL plugins can have no timeout - minor change in the LaTeX report - Support for Sun Workshop 5 compiler - IRIX 6.2 support - HP/UX 10.20 support - Fixed a problem in report saving (saving as HTML would produce an XML file) - thanks to Scott Nichols (Scott.Nichols at globalintegrity.com) . changes by Jordan Hrycaj (jordan@mjh.teddy-net.com) - Fixed a problem in the random number generator 1.0.5 : . changes by Loren Bandiera (lorenb at shelluser.net) : - XML output in the Nessus client. . changes by Renaud Deraison (deraison at nessus.org) : - added experimental KB saving, to prevent the audit to restart from scratch between two tests. See http://www.nessus.org/doc/kb_saving.html for details - added experimental detached scans. See http://www.nessus.org/doc/detached_scan.html for details - bug in the test of DoS attacks fixed (thanks to Christophe Grenier, (Christophe.Grenier at esiea.fr)) - minor changes in nessus-adduser - scripts that open a UDP socket read the result of a UDP scan first - when it receives a SIGHUP, nessusd first frees memory. It also closes and re-opens the nessusd.messages file - the plugin timeout is now user definable, in nessusd.conf - 64 bit compatible (nessusd would produce warnings when running on some 64 bit architectures). Thanks to the SuSE (http://www.suse.de) team for having given me access to an IA-64 to compile and try Nessus. - libnasl : better error reporting, minor bugs fixed . Changes by Jordan Hrycaj (jordan at mjh.teddy-net.com) - faster cipher layer . changes by Cyril Leclerc (cleclerc at boreal-com.fr) - a GTK error would sometime be produced when the client is run in batch mode (Cyril Leclerc (cleclerc at boreal-com.fr)) 1.0.4 : . changes by Christoph Puppe (pluto at defcom-sec.com) : - added "Sort by Port" to the report window. Saving of this is not finished. - arglist_insert sorts first by holes, then by warnings, then by notes. Previous version only sorted by holes. . changes by Renaud Deraison (renaud at nessus.org) : - ftp related checks : the user can now supply a login/password for the ftp checks, and relies on the ftp banner if nessusd can't log into the ftp server (requested by Jens.Oeser at connector.de). - libnessus : ftp_log_in() would sometime fail against some ftp servers - better handling of large reports - tests are saved on the server side and can be restored. Note that this is experimental and disabled by default. Do ./configure --enable-save-sessions to enable this experimental feature, and read doc/session_saving.txt for details. - better handling of targets with multiple web servers running - continue to launch the DoS if the state of the remote host can not be determined - fixed a bug in smb_login_as_users.nasl, and improved smb_accessible_shares.nasl - added checks for unpassworded MySQLs and PostgreSQL databases - nessusd uses less memory . changes by Pavel Kankovsky (peak at argo.troja.mff.cuni.cz) : - fixed a possible deadlock in the nessusd internal communication - fixed a problem in the client that would make it crash if it received a malformed message from the server - the client would not detect the death of the server when run in batch mode - possible header confusion (with regex.h) fixed - possible signal deadlock when exiting fixed . Other changes : - fixed a problem in the function is_cgi_installed() that may sometime not work against odd clients (Thomas Reinke (reinke at e-softinc.com)) - fixed a bug in snmp_default_communities.nasl (Lionel Cons (lionel.cons at cern.ch)) - fixed showmount.nasl (Paul Ewing Jr. (ewing at ima.umn.edu)) - typo in showmount.nasl would prevent it to work over udp (ctor at krixor.xy.org) 1.0.3 : . changes by Renaud Deraison (renaud at nessus.org) : - fixed various small problems in various plugins - fixed a nasty bug in libnasl that would prevent raw packets from being read - compiles under Solaris - possible segfault in the client fixed 1.0.2 : . changes by Christoph Puppe (christoph.puppe at defcom-sec.com) : - Unified the naming of Vulnerability, Warning, Note in ASCII and HTML. - latex_report_category seems like an oversimplification to me. What if we have a large network with lots of small holes, is this saver than a network with only one big? I've made a try on weighted rules. Hosts with holes get elevated to *10, warnings to *5 and notes stay where they are. - added Level Note, it has it's own dot and is meant to be used for notes and notifications. The tex file is updated. - changed smalies in various functions, to be easier to read, faster or more generic. - plugins: finger.nasl was buggy . changes by Renaud Deraison (renaud at nessus.org) : - possible hang at report time fixed in the client - fixed a bug in the way the command-line client handles the plugins preferences - fixed a problem in the detection of the servers that do not reply with a 404 error code when request an inexistant page - fixed various compilations errors occuring on various platforms - libnasl : fixed a bug that would occur in standalone mode - nessus-libraries : takes the presence of the shared libraries of the system into account - SMB and DCE/RPC over SMB issues : . smb_login.nasl : fixed an error (would always want to access IPC$ to declare that a login is valid) . netbios_name_get.nasl : fixed an error which would prevent the SMB tests to work against Windows 2000 . smb_dom2sid.nasl : LsarQueryInfoPolicy() now obtains the host sid, rather than the sid of the domain, so that local accounts are shown and tested (instead of the domain accounts only) . smb_enum_services.nasl : Lists the services that are running on the remote host - new security checks added . changes by Jordan Hrycaj (jordan at nessus.org) : - libpeks now uses the libgmp that comes with the operating system if any, and does the same for libz - fixed a bug that would prevent the client from working properly under OpenBSD 1.0.1 : - nessusd : if the --enable-tcpwrappers flag is given to ./configure, then nessusd is compiled with tcpwrappers support - nessus : Pies and charts under Win32 too - nessus : fixed errors when generating pies and charts which would cause horrible graphics (thanks to John Q. Public (tpublic at dimensional.com) for pointing this out) - nasl : memory leaks fixed, performance improved, bug in forge_tcp_packet() fixed - nessus-update-plugins : somehow improved - plugins : more SMB checks, rewritten showmount in nasl, tons of new security checks (for a total of 435, whatever that means) - plugins : fixed snmp_default_communities which was bugged. Thanks to W. Mark Herrick, Jr. (markh at va.rr.com) for pointing this out. - gmp 3.0 is used by libpeks (vs 2.0.2) 1.0.0 : - nessus : fixed problems with the "spiffy" HTML export - nasl : fixed various minor issues - nasl : added the function ereg_replace() - libhosts_gatherer : fixed a problem in the reverse lookups issues - plugins : nearly 20 new security checks (including SMB checks) - hinting to NESSUSHOME if ~/.nessusrc is not available (jh) 1.0.0pre3 : - added the utility nessus-update-plugins(8). See the man page for security notes - nessus : HTML reports now include links to the CVE entries - nessus-adduser / libpeks : it is now possible to declare from which host a user can connect to nessusd - plugins : better behavior of the CGI tests against hosts which do not issue 404 error codes - security : nessusd.users would sometime be in mode 0644 (due to nessus-adduser), accounts.nes would let nessusd users read arbitrary files on the system - nessusd : sends an error to the client when it attempts to scan a host it's not allowed to (suggested by Hermann Himmelbauer <dusty@violin-kan.dyndns.org>) - nessusd and nessus : error at loading time when the peks library was compiled with a special ./configure flag (thanks to Bradley M Alexander <storm@tux.org>) - nessusd and nessus : can be compiled with the --disable-cipher flags - plugins : ftp_overflow.nasl : fixed a false positive pointed out by Jean-Paul Le Fevre <J-P.LeFevre@cea.fr> - plugins : a dozen of new plugins have been added (piranha, uw imap overflow, Ken!, htimage.exe, lcdproc overflow, real server DoS, and more...) - nasl : added open_priv_sock_{udp,tcp} to open a socket with a priviledged port 1.0.0pre2 : - nessusd : stop the current plugin when the user hits 'stop' - nessusd : the rules now accept the keyword 'client_ip' (suggested by Hermann Himmelbauer <dusty@violin-kan.dyndns.org>) - nessusd : logs the name of the plugins that are loaded (suggested by Matthias Andree <ma@dt.e-technik.uni-dortmund.de>) - nessus : the 'reverse lookup' option now works - nessus : typo would prevent to compile nessus with gtk 1.0 (thanks to mike <michael.seeger@mchh.siemens.de> for pointing this out) - nessus : changed the .nsr file format to something more easily parseable which contains the ID of the plugins which generate security warnings or holes - nessus : error dialog makes more sense when nessusd is killed in the middle of a test (pointed out by Matthias Andree <ma@dt.e-technik.uni-dortmund.de>) - nessus : fixed a segmentation fault that could occur during the login (Stefan Rapp s.rapp@hrz.uni-dortmund.de) - nessus : the user now has the ability to select all the plugins except the dangerous ones - nessus : fixed the busy waiting loop in the password dialog. For real this time. Thanks to Matthias Andree <ma@dt.e-technik.uni-dortmund.de> for pointing this out again. - nessus : other cosmetics things have been fixed - nasl : now supports user-defined functions (see the documentation for more details) - plugins : ssh_insertion.nasl : fixed a typo which would cause the plugin to yell when the user was using OpenSSH 1.2.2 (which is immune to this problem). Thanks to R. Pickett <emerson@hayseed.net> for pointing this out - plugins : lot of new security checks (thanks to Roelof Temmingh <roelof@sensepost.com> for pointing out some missing IIS checks) - all : version check at startup, as suggested by Scott Adkins <sadkins@voyager2.cns.ohiou.edu> 1.0.0pre1 : - nessus-adduser : utility to add easily a nessusd user - nessus : remembers the username - nessus : warns the user that the host key has been saved - nessus : fixed a busy waiting in the passphrase requester (thanks to Matthias Andree <ma@dt.e-technik.uni-dortmund.de> for pointing this out) - nessus : fixed a segmentation fault that would occur when the user close the test window during a test - nessus : saves the preferences of each plugin - nessusd : fixed a problem in the rules which ended up being too restrictive - nessusd : killall -1 nessusd now works - plugins : nmap_wrapper.nes : compatible with the new output of nmap - traditional netmasks (255.255.255.0) are now accepted - will not scan broadcast addresses (ie: 192.168.1.1/255.255.255.0 will scan from 192.168.1.1 to 192.168.1.254) - Compatible with FreeBSD 4 0.99.10 : - nessus : polished the GUI - nessus : GTK 1.0 compatible (Eduardo Urrea <eduardou@hispasecurity.com>) - nessusd : fixed a problem which could make the client see what was happening a few seconds later the event happened. (this was occuring when doing few tests against a great number of hosts) - nessusd.conf goes back to ${sysconfdir}/nessus/ (and not ${sysconfdir}/) - nessusd CPU usage : dropped from 100% to much fewer [thanks to Ryan Mooney <ryanm@mhpcc.edu> who pointed this out] - nessus and nessusd : the target file may have an unlimited size (it was cut down to 2047 bytes in the past) [many thanks to Boris Wesslowski <Boris.Wesslowski@RUS.Uni-Stuttgart.DE> for pointing this out] - nasl : fixed a bug in recv() which would make nasl crash when reading data from a non-socket - nasl : close the sockets opened by a script in nasl_exit() - nasl : fixed a bug in egrep() - nasl : init_telnet() behaves well against a tcp-wrapped telnet - plugins : nmap_wrapper : ability to use nmap's ping. 0.99.9 : - nasl : added support for \xNN translation (Sebastian Andersson <sa@hogia.net>) - nasl : cleaner compilation process - nessusd : removed warnings during compilation - nessusd : fixed a possible segmentation fault / logfile corruption that could occur when the user was manually stopping a test - nessusd : fixed typos that would prevent the compilation without the cipher layer - libnessus : timeout in recv_line() - nessus : fixed a dumb segmentation fault in the client when all the plugins are activated - nessus : disable all / enable all buttons - nessus : nicer xpms for error and warnings dialogs - nessus : fixed a bug that could make the client crash during plugin selection - plugins : read_accounts : fixed a problem that would disable this plugin - plugins : read_accounts : better handling of BSD telnet - plugins : queso : fixed a problem which would disable this plugin - plugins : stacheldraht : fixed a typo - plugins : added acc.nasl, netscape_wp_bug.nasl - added nasl_version() and nessuslib_version(), as suggested by Scott Adkins <sadkins@voyager2.cns.ohiou.edu> - nessus-core : better support for sysconfdir Keith Amidon (camalot@picnicpark.org) 0.99.8 : - OpenBSD portability - HP/UX shl_* support - re-attributed the plugins category, thanks to the lists made by Jeff Odegard <jeff@digitaldefense.net> who divided the plugins into three categories : begnign, intrusive and potentially destructive - the client disable all the potentially destructive plugins if they are not in ~/.nessusrc, and puts a warning sign in front of them - plugins have been attributed a unique ID - plugins are CVE compatible - NASL now supports regular expressions through the ereg() function. The syntax of the regexps is egrep-style, that I personnaly like. - several bugfixes - several new plugins - 'nasl' is a standalone NASL interpretor that can be used to debug Nessus scripts and/or write independants ones. - the nasl guide has been updated and comes with libnasl/ 0.99.7 : - fixed a 'file descriptor bomb' which would prevent nessusd to test big networks - fixed a problem in nessusd which would make it slow down then crawl when it was testing big networks 0.99.6 : - many segmentation faults corrected - fixed a problem in the client <-> server communication which would make the server "forget" to send some data to the client 0.99.5 : - New HTML export with pies and graphs - Handles the HTTP redirects (thanks to Andreas J. Koenig <andreas.koenig@anima.de> for requesting it) - behaves well when the same service is detected more than once on the target side. Ie: if the target is running 2 web servers, then all the security checks will be performed on both - Nicer client GUI - Communication between the client and the server's children done in a cleaner way - Corrected a bug in the client that would prevent it to work when not compiled with the cipher layer - Added a inetd friendly option - The quiet mode of the client will produce HTML, LaTeX, text or .nsr files regarding the file suffix given as argument - ASCII text output - report can be saved to stdout - kept-alive connection between the client and the server (no need to log in again between two tests) 0.99.4 : - Speedup - Several segmentation faults fixed - The user can now select the timeout value of the security checks read() function - The client can specify an alternate configuration file - Client : fixed problems regarding when to use the GUI Previous versions : - Corrected a problem regarding the list of checks selected by the user - ${prefix}/var/nessus is created - Corrected a typo in the code that would generate the preferences file - Changed the behaviour of the nessus client, when it is started in the background and a pass phrase is wanted as input. If available, the client terminates while complaining to the stderr. - Added long options to the nessus client; as a side effect, the command line version works under windows, too - OpenBSD portability issues - Fixed the process tracker on cipher layer to meet the io thread table overflow - Updated the process mgmnt, provided a general pty interface for subprocesses like nmap - Reduced memory consumption by 50% - Nessus can now use nmap(1). Thanks to Phil Brutsche <pbrutsch@creighton.edu> who helped me to figure out how to do this. - Configuration files now installed in ${prefix}/etc/nessus/ - Man pages for nasl-config, nessus-config, nessus-build, as well as patches to problems that may occur during the installation by Josip Rodin <joy@cibalia.gkvk.hr> - More efficient way to determine whether a DoS was successful or not. Thanks to Michel Arboi <arboi@bigfoot.com> for the suggestion (does not work well yet) - The communication errors : 'out of threads already' and 'no cookie for received packets' have been fixed. - All the newest security tests