nessquik roadmap
Fermi Specific
In General
Feature additions for 2.5
  • scan inside and outside the network by using inside and outside scanner
  • customized tickler for nessquik-clients used behind firewalls
  • the whitelist admin feature works much better now. Add, copy and rename popup boxes have been obliterated and moved to a much more understandable sidebar
  • more per-user interface settings will be available
  • 'critical vulnerability' special plugin profile will be created
  • 'web exemption' special plugin profile will be created
  • an admin help section has been created that will includes faqs and topics for most, if not all, admin areas
  • admin section includes a feature to view all the scans not running,pending,running and finished
  • admin section includes a metrics area
  • a lot of pork has been cut out of the process script.
  • new servers that are added can be made semi private so that only the group that runs that server can schedule scans on it.
  • plugin profiles can be assigned to specific groups so that only those groups can view and use them
Feature additions for 2.5
  • Supported browsers include IE7, Firefox, and Apple's WebKit browser
    (unless WebKit suddenly breaks in development. In that case use FF)
  • ability to cancel individual scans as they are occuring
    (Requires PHP 5 and proc_terminate)
  • scanmenow code made available
  • portscanmenow code made available
  • add or remove plugins/families/severites from a scan profile after the profile has already been created
  • add or remove devices from a scan profile after the profile has already been created
  • special plugin profiles feature for configuring groups of plugins to be known as a single "plugin". Allows one to, for instance, create a single plugin of critical vulnerabilities, and have that "plugin" show up as a single plugin that users can choose to scan with. If you still dont understand, see this image
  • nessquik-client code made available. As a usage example, you can place the client code on a Nessus server behind a firewall and schedule scans on your main nessquik server that will then be run behind said firewall and the results will be available on the main nessquik server
  • a whole lot of fat has been trimmed off several of the auto updating sections of nessquik. The scans page for instance is MUCH more lightweight than it was in 2.0 and Firefox should no longer freeze if you sit at the scans page for 24 hours straight
  • calendar was removed and replaced with a simpler click/shift-click feature. To all the haters, the calendar was overkill for a job that could be accomplished in a much more basic way.
  • ability to view the scan results for all your scans ever run
  • ability to diff the results of a scan to see what has changed
  • lib/nessus.php has been given a method to parse nsr files. I humbly ported Perl code to PHP for this. See inline documentation for the specific method for source of original Perl script.
  • export your reports to NBE format too now
  • ability to add exponential number of scanners that nessquik can distribute scans to.
  • fix for long scans that run past midnight and are killed by the nightly plugin updater
Feature changes for 2.5
  • interface has been redone to better support feature requests
  • help page is better categorized, and several of the popup help items strewn about the interface have been relocated to the help page.
  • the ability to add and remove devices from the saved scan profile has led to a change in the way devices are saved to the scan profile. I will make every attempt to port these devices over to the new model but understand that if it doesnt work, you'll need to re-add the devices.
Caveats of 2.5
  • several changes have been made to the database tables and code that make nessquik 2.5 not backwards compatible with 2.0. nessquik 2.0 code will not work with 2.5, so dont run separate versions of nessquik with the same database.