Re: [Dailydave] Vuln scoring system anyone?
From: Brian (bmc snort.org)
Date: Tue Mar 01 2005 - 15:23:38 CST
On Tue, Mar 01, 2005 at 04:00:55PM -0500, security curmudgeon wrote:
> What if someone posted a Snort signature for a new vuln before a vendor
> ack'd it? You have no proof that it's a valid vulnerability yourself, but
> you have a detailed advisory from a reputable security researcher and a
> respected snort sig writer that tested the vulnerability and wrote a
> signature to monitor for exploitation.
>
> That has to count for something, yes?
Reputable & Respected count for quite a bit. Both of those words were
missing from your first email. Who decides who is reputable & respected?
Since this conversation is on dailydave, I'll use Dave as an example.
(Sorry Dave.) Do you trust Dave's commentary? If you do, how do you
know Dave made the comment, since he doesn't cryptographically sign
his emails?
I'm all for a better classification of vulnerabilities. The
classification that I use for snort rules is *HORRID*. A decent
standard would be very useful.
However, I foresee many problems with attaching respect to
vulnerability classification.
Brian