Subscribe: SourceForge.net: SF.net Project News: sussen
http://sourceforge.net/export/rss2_projnews.php?group_id=82251
Preview: SourceForge.net: SF.net Project News: sussen

Recent changes to news



Recent changes to news



Last Build Date: Mon, 26 Sep 2005 22:34:06 -0000

 



Sussen 0.13 Released

Mon, 26 Sep 2005 22:34:06 -0000

MMG Security announces the release of Sussen 0.13.

What is Sussen?

Sussen is a tool for testing the security of computers and other network devices.

It is in an early stage of development and should be considered experimental. Sussen is improving rapidly on many fronts, but it is not yet stable enough for full-time, everyday use.

Sussen is released under the GNU General Public License (GPL) version 2, see the file 'COPYING' for more information.

Urls

http://www.sussen.org

Dependencies

To run Sussen, you need the following:

Linux

* mono (1.1.9)
* gtk-sharp (2.3.90)

Windows

* Microsoft .NET Framework 1.1 w/ Service Pack 1

Changes Since 0.12

* Re-worked sussen-client interface
* Moved Nessus support to client
* Added sussen-policy-editor (supports Sussen & Nessus policies)
* Server and agent use async I/O
* Added SSL support to server and agent
* Start of reporting code




Sussen 0.12 Released

Mon, 13 Jun 2005 02:22:59 -0000

Sussen 0.12

MMG Security announces the release of Sussen 0.12.

WHAT IS SUSSEN?
---------------
Sussen is a tool for testing the security posture of computers and other
network devices. It is in an early stage of development and should be
considered experimental. Sussen is improving rapidly on many fronts, but
it is not yet stable enough for full-time, everyday use.

Sussen is released under the GNU General Public License (GPL) version 2,
see the file 'COPYING' for more information.

URLS
----

Sussen web site - http://www.sussen.org/

Mailing List -
http://lists.sourceforge.net/mailman/listinfo/sussen-devel

Code Repository - http://svn.mmgsecurity.com/svn/sussen/

Bugzilla - http://bugs.mmgsecurity.com/

Latest news - http://people.mmgsecurity.com/~lorenb/

DEPENDENCIES
------------
To run Sussen, you need the following:

Linux:

* mono (1.1.x)
* gtk-sharp (1.0.x)
* glade-sharp (1.0.x)
* gnome-sharp (1.0.x)

Windows:

* Microsoft .NET Framework 1.1 w/ Service Pack 1

CHANGES SINCE 0.11
------------------

* Added start of test suite
* Wrote sussen.spec for building RPM packages
* Building of client, agent and/or server can be disabled
* Display GPL and ask user to agree to it in Windows installer
* Fixed BasicPortScanner under Windows
* Implemented writeSystemInfo() in OvalResultsWindows class
* Added --run-nasl option to sussen-server
* Implemented writeSystemInfo() in OvalResultsRedhat class
* Improved OVAL results output
* Wrote better daemon code for agent and server
* Make sussen-agent TCP port user-configurable via --port option
* Renamed Sussen.Oval.Redhat to Sussen.Oval.Unix
* Wrote start of TextFileContent and XmlFileContent OVAL tests
* Added man pages for agent, server and client
* Added --help option to agent, server, and client




Sussen 0.11 Released

Tue, 24 May 2005 11:21:49 -0000

Since the last release we have moved away from porting security tests to
focusing on running existing ones. To that end we've been working on
NASL and OVAL interpreters for Sussen.

Sussen can currently run some OVAL tests on Windows and RedHat based systems.

The NASL interpreter can parse/lex all the current NASLs. Whats needed is code to
be written to execute actions, such as opening a TCP socket or making an HTTP request.

Work continues...

====

Sussen 0.11

MMG Security announces the release of Sussen 0.11.

WHAT IS SUSSEN?
---------------
Sussen is a tool for testing the security posture of computers and other
network devices. It is in an early stage of development and should be
considered experimental. Sussen is improving rapidly on many fronts, but
it is not yet stable enough for full-time, everyday use.

There are three (3) parts that make up Sussen. There is the agent which
you can install on target systems. The agent can perform a host-based
assessment using Open Vulnerability Assessment Lanaguage (OVAL) [1]
tests.

The server handles the requests and communicates with the necessary
agent(s) to perform host-based assessments. The server also has the ability
to do a network based assessment of different systems/devices. The server
contains a Nessus Attack Scripting Language (NASL) interpreter.

Finally, there is the client which makes requests to the server. The client is
available for Gnome and Windows based platforms.

Sussen is released under the GNU General Public License (GPL) version 2,
see the file 'COPYING' for more information.

[1] - http://oval.mitre.org/

URLS
----

Sussen web site - http://www.sussen.org/

Mailing List - http://lists.sourceforge.net/mailman/listinfo/sussen-devel

Code Repository - http://svn.mmgsecurity.com/svn/sussen/

Bugzilla - http://bugs.mmgsecurity.com/

Latest news - http://people.mmgsecurity.com/~lorenb/

DEPENDENCIES
------------
To run Sussen, you need the following:

Linux:

* mono (1.1.x)
* gtk-sharp (1.0.x)
* glade-sharp (1.0.x)
* gnome-sharp (1.0.x)

Windows:

* Microsoft .NET Framework 1.1 w/ Service Pack 1

CHANGES SINCE 0.10
-----------------

* Added support for OVAL and NASL security tests
* Windows support
* Code cleanup and bugfixes




Sussen 0.10 Released

Thu, 16 Dec 2004 06:12:25 -0000

Sussen 0.10

MMG Security announces the release of Sussen 0.10.

WHAT IS SUSSEN?
---------------
Sussen is a tool for testing the security posture of computers and other
network devices. It is in an early stage of development and should be
considered experimental. Sussen is improving rapidly on many fronts, but
it is not yet stable enough for full-time, everyday use.

The scanner (sussen-scanner) performs the work of running security tests.
It communicates with the server to record details about what kinds of
security issues it finds.

The security tests (sussen-tests) are small programs designed to test
if systems are vulnerable to various security issues.

The server (sussen-server) listens for client requests. It's job is to
take the requests and distribute the work load to the scanner(s). The
information that the scanner(s) find is passed back to the server and
stored in the backend database.

To use you Sussen, you need a client. There are currently two (2)
clients available for Sussen:

* sussen-client - Gtk# based
* web based - ASP.NET / Web services (SOAP)

These allow users to initiate new scans or generate reports on completed
ones.

URLS
----

Sussen web site - http://sussen.sourceforge.net/

Mailing List - http://lists.sourceforge.net/mailman/listinfo/sussen-devel

Bugzilla - http://bugs.mmgsecurity.com/

Latest news - http://people.mmgsecurity.com/~lorenb/

DEPENDENCIES
------------
To compile Sussen, you need the following:

* mono (1.0.x)
* gtk-sharp (1.0.x)
* glade-sharp (1.0.x)
* gnome-sharp (1.0.x)

CHANGES SINCE 0.9
-----------------

* Complete re-write of Sussen in C#
* Initial public release




Sussen 0.9 Released

Tue, 03 Feb 2004 15:33:07 -0000

MMG Security announces the release of Sussen 0.9. Sussen is a security scanner which remotely tests computers or other devices and provides a report on their vulnerabilities. There are three (3) parts to the system: * sussen (client) * sussen-sensor (server) * sussen-plugins (security tests) sussen is the user facing side of the system. sussen is designed for the GNOME environment. It uses the Gtk+ 2.2 and GNOME 2.4 libraries. sussen is integrated into GNOME, with support for Drag and Drop (DnD) between Nautilus (GNOME file manager), use of the GNOME Virtual File System and the GNOME help system. sussen-sensor is responsible for performing security scans. It is integrated with GObject, uses Nmap port scanning and has Python based security tests. It also has support for PAM and internationalization/localization. sussen-plugins are the security tests used by both sussen and sussen-sensor. The tests are written using the Python scripting language. **NOTE**: Sussen is not currently suited for production use. Many features are incomplete or not working at all. * ChangeLog: sussen v0.9: * Created base window class SussenWindow * Convert main window, plugin and policy editors to use SussenWindowclass * Updated interface of the Plugin Editor. The look is kind of inspiredfrom the GIMP and Glade. * Added new command line option --debug to make it easier to track downproblems. * Slightly changed sussen DB schema * Preferences dialog now has option to create DB schema * Changed objects to use GObject properties * Updated Debian scripts as per lintian's checks * Updated help manual * Various bugfixes sussen-sensor v0.4: * Wrote ServiceAnalysis object. This analyzes services after a portscan sofor example if you run a web server on port 25 it will be tagged and andtested as such. The service fingerprints are held in a XML file andit's easy to add new ones. * Created SensorOracle object. This provides a way of tracking resultsand is used by the Python glue to implement the plugin API calls. sussen-sensor can save this information in a Berkeley DB and use it forhistorical analysis. The database is scalable to 256 Terabytes. * Created the start of the HistoricalAnalysis object. * Wrote initial functions for the sussen-plugin API. * sensor now only executes plugins specified by the client. It nolonger always runs them all. * Changed objects to use GObject properties * Updated Debian scripts as per lintian's checks. * Various bugfixes sussen-plugins v0.4: * Updating plugins for new plugin API calls * Screenshots http://sussen.sourceforge.net * More information The work for this project is being funded by MMG Security, Inc. The company website can be found at: http://www.mmgsecurity.com/ Sussen is released under the GNU General Public License (GPL) version 2, see the file 'COPYING' for more information. The official web site is: http://sussen.sourceforge.net More information about the development of Sussen can be found at: Developer Blog - http://people.mmgsecurity.com/~lorenb/ Mailing List - http://lists.sourceforge.net/mailman/listinfo/sussen-devel * Availability sussen tar.gz: http://prdownloads.sourceforge.net/sussen/sussen-0.9.tar.gz?download RPM: http://prdownloads.sourceforge.net/sussen/sussen-0.9-1.i386.rpm?download SRPM: http://prdownloads.sourceforge.net/sussen/sussen-0.9-1.src.rpm?download Debian: http://prdownloads.sourceforge.net/sussen/sussen_0.9-1_i386.deb?download sussen-sensor tar.gz: http://prdownloads.sourceforge.net/sussen/sussen-sensor-0.4.tar.gz?download RPM: http://prdownloads.sourceforge.net/sussen/sussen-sensor-0.4-1.i386.rpm?download SRPM: http://prdownloads.sourceforge.net/sussen/sussen-sensor-0.4-1.src.rpm?download Debian: http://prdownloads.sourceforge.net/sussen/sussen-sensor_0.4-1_i386.deb?download sussen-plugins tar.gz: http://prdownloads.sourceforge.net/sussen/sussen-plugins-0.4.tar.gz?download RPM: http://prdownloads.sourceforge.net/sussen/sussen-plugins-0.4-1.i386.rpm?download SRPM: h[...]



Sussen 0.8 Released

Fri, 16 Jan 2004 15:58:38 -0000

MMG Security announces the release of Sussen 0.8. Sussen is a security scanner which remotely tests computers or other devices and provides a report on their vulnerabilities. There are three (3) parts to the system: * sussen (client) * sussen-sensor (server) * sussen-plugins (security tests) sussen is the user facing side of the system. sussen is designed for the GNOME environment. It uses the Gtk+ 2.2 and GNOME 2.4 libraries. sussen is integrated into GNOME, with support for Drag and Drop (DnD) between Nautilus (GNOME file manager), use of the GNOME Virtual File System and the GNOME help system. sussen-sensor is responsible for performing security scans. It is integrated with GObject, uses Nmap port scanning and has Python based security tests. It also has support for PAM and internationalization/localization. sussen-plugins are the security tests used by both sussen and sussen-sensor. The tests are written using the Python scripting language. **NOTE**: Sussen is not currently suited for production use. Many features are incomplete or not working at all. * ChangeLog: sussen v0.8: * Re-write of code to better integrate with GNOME & GObject * More work on user interface * Start of Bonobo integration * Added GNOME integration features: Drag & Drop, GConf, and use of GNOME VFS * Added g_thread() support * Start of command line version of sussen * Lots of code clean-up * Updated build system to use intltool * Updated help manual sussen-sensor v0.3: * Re-write of sensor to better integrate with GObject * Switch from getopt() to popt() for command line parsing * Network protocol changes * Updating the method for loading Python plugins into the embedded interpreter * Preliminary work on exposing parts of sussen-sensor to the Python plugins. * Lots of code clean-ups sussen-plugins v0.3: * Re-stubbed plugins to reflect work on sussen-sensor 0.3 * Screenshots http://sussen.sourceforge.net * More information The work for this project is being funded by MMG Security, Inc. The company website can be found at: http://www.mmgsecurity.com/ Sussen is released under the GNU General Public License (GPL) version 2, see the file 'COPYING' for more information. The official web site is: http://sussen.sourceforge.net More information about the development of Sussen can be found at: Developer Blog - http://people.mmgsecurity.com/~lorenb/ Mailing List - http://lists.sourceforge.net/mailman/listinfo/sussen-devel * Availability sussen tar.gz: http://prdownloads.sourceforge.net/sussen/sussen-0.8.tar.gz?download RPM: http://prdownloads.sourceforge.net/sussen/sussen-0.8-1.i386.rpm?download SRPM: http://prdownloads.sourceforge.net/sussen/sussen-0.8-1.src.rpm?download Debian: http://prdownloads.sourceforge.net/sussen/sussen_0.8-1_i386.deb?download sussen-sensor tar.gz: http://prdownloads.sourceforge.net/sussen/sussen-sensor-0.3.tar.gz?download RPM: http://prdownloads.sourceforge.net/sussen/sussen-sensor-0.3-1.i386.rpm?download SRPM: http://prdownloads.sourceforge.net/sussen/sussen-sensor-0.3-1.src.rpm?download Debian: http://prdownloads.sourceforge.net/sussen/sussen-sensor_0.3-1_i386.deb?download sussen-plugins tar.gz: http://prdownloads.sourceforge.net/sussen/sussen-plugins-0.3.tar.gz?download RPM: http://prdownloads.sourceforge.net/sussen/sussen-plugins-0.3-1.i386.rpm?download SRPM: http://prdownloads.sourceforge.net/sussen/sussen-plugins-0.3-1.src.rpm?download Debian: http://prdownloads.sourceforge.net/sussen/sussen-plugins_0.3-1_i386.deb?download[...]



Sussen 0.7 Released

Sun, 21 Dec 2003 18:45:05 -0000

After a brief hiatus, we're back, just in time for Christmas. MMG Security
is pleased to announce the release of sussen v0.7, sussen-sensor v0.2, and
sussen-plugins v0.2.

Sussen is a security scanner which remotely tests computers or other devices and provides a report on their vulnerabilities. It features Python-based security tests, a GNOME interface, a GNOME-DB backend, and customizable reports.

Please note this software is under heavy development and is not recommended for production use.

* ChangeLog:

sussen v0.7:

* HIGification work on dialogs, windows and druids
* Re-designed policy manager; now policy editor
* Added plugin editor
* All preferences now stored in ~user/.sussen/sussen.xml
* Updated networking code to work with sussen-sensor v0.2
* Updated help to reflect changes
* Lot of code clean-ups & bug fixes

sussen-sensor v0.2:

* Re-write of Nmap support
* Added initial support for threading
* Changed SSXP protocol
* Minor changes to Python plugin interface
* syslog support added
* Various bugfixes

sussen-plugins v0.2:

* Re-stubbed plugins
* Sync with nessus-plugins v2.0.9

* More Information

http://sussen.sourceforge.net/

* Screenshots

http://sussen.sourceforge.net/screenshots/

* Availability

sussen:

tar.gz - http://prdownloads.sourceforge.net/sussen/sussen-0.7.tar.gz?download
RPM: http://prdownloads.sourceforge.net/sussen/sussen-0.7-1.i386.rpm?download
SRPM: http://prdownloads.sourceforge.net/sussen/sussen-0.7-1.src.rpm?download
Debian: http://prdownloads.sourceforge.net/sussen/sussen_0.7-1_i386.deb?download

sussen-sensor:

tar.gz - http://prdownloads.sourceforge.net/sussen/sussen-sensor-0.2.tar.gz?download
RPM: http://prdownloads.sourceforge.net/sussen/sussen-sensor-0.2-1.i386.rpm?download
SRPM: http://prdownloads.sourceforge.net/sussen/sussen-sensor-0.2-1.src.rpm?download
Debian: http://prdownloads.sourceforge.net/sussen/sussen-sensor_0.2-1_i386.deb?download

sussen-plugins:

tar.gz - http://prdownloads.sourceforge.net/sussen/sussen-plugins-0.1.tar.gz?download
RPM: http://prdownloads.sourceforge.net/sussen/sussen-plugins-0.1-1.i386.rpm?download
SRPM: http://prdownloads.sourceforge.net/sussen/sussen-plugins-0.1-1.src.rpm?download
Debian: http://prdownloads.sourceforge.net/sussen/sussen-plugins_0.2-1_i386.deb?download




Sussen 0.6 Released

Fri, 05 Sep 2003 11:01:03 -0000

This release of Sussen marks some big changes to our plans going forward.
With this release we are dropping support for Nessus and moving ahead
with our own server, which is called sussen-sensor.

Sussen is now a client/server based security scanner. The client is a
GNOME 2 based application, sussen, which we've been working on for a
few months now.

The server, sussen-sensor is based on GLib, GNet, and libxml. It's features
include:

* Python based plugins for security tests
* Nmap port scanning
* PAM support
* XML based configuration
* Support for internationalization and localization

Currently we only have stubs in place for our plugins. Our plans our to port
the 1,700+ Nessus plugins to Sussen. That work will begin shortly.

We are releasing sussen-sensor and sussen-plugins 0.1 along with sussen 0.6.
Since the sensor/plugins are in an early state this release is mainly for
developers and not suited for production use.

The work for this project is being funded by Star Chamber, Inc
(http://www.starchamber.ca/)

* More information

http://sussen.sourceforge.net/

* Availability

sussen:

tar.gz - http://prdownloads.sourceforge.net/sussen/sussen-0.6.tar.gz?download
RPM: http://prdownloads.sourceforge.net/sussen/sussen-0.6-1.i386.rpm?download
SRPM: http://prdownloads.sourceforge.net/sussen/sussen-0.6-1.src.rpm?download
Debian: http://prdownloads.sourceforge.net/sussen/sussen_0.6-1_i386.deb?download

sussen-sensor:

tar.gz - http://prdownloads.sourceforge.net/sussen/sussen-sensor-0.1.tar.gz?download
RPM: http://prdownloads.sourceforge.net/sussen/sussen-sensor-0.1-1.i386.rpm?download
SRPM: http://prdownloads.sourceforge.net/sussen/sussen-sensor-0.1-1.src.rpm?download
Debian: http://prdownloads.sourceforge.net/sussen/sussen-sensor_0.1-1_i386.deb?download

sussen-plugins:

tar.gz - http://prdownloads.sourceforge.net/sussen/sussen-plugins-0.1.tar.gz?download
RPM: http://prdownloads.sourceforge.net/sussen/sussen-plugins-0.1-1.i386.rpm?download
SRPM: http://prdownloads.sourceforge.net/sussen/sussen-plugins-0.1-1.src.rpm?download




Sussen 0.5.3 Released

Sat, 16 Aug 2003 14:29:17 -0000

Sussen 0.5.3 has been released. This is a minor
bugfix release that corrects some problems with the
'Gettting Started' druid.




Sussen 0.5.2 Released

Wed, 13 Aug 2003 15:37:48 -0000

Star Chamber (www.starchamber.ca) has released Sussen 0.5.2. This
release contains bugfixes and minor enhancements.

Session support is now working again. You can import previous sessions
from a Nessus server into the Sussen database. You can also restore/delete
sessions from the database.

The 'Getting Started' druid was changed to use GNOME-DB widgets. You
can also now create a new datasource from from druid if needed, it's no
longer something you had to do seperately.

The rest of the code changes were minor bugfixes.

ChangeLog:

* Session support fixed/enhanced
* Changed 'Getting Started' druid to use GNOME-DB widgets
* Removed hard coded "sussen"/"sussen" from backend_init