OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: John LaCour (jlacournetscreen.com)
Date: Mon May 20 2002 - 12:13:41 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    Archive: http://msgs.securepoint.com/ids
    FAQ IDS: http://www.sans.org/newlook/resources/IDFAQ/ID_FAQ.htm
    FAQ NIDS: http://www.ticm.com/kb/faq/idsfaq.html
    IDS: http://www-rnks.informatik.tu-cottbus.de/~sobirey/ids.html
    HELP: Having problems... email questions to ids-owneruow.edu.au
    NOTE: Remove this section from reply msgs otherwise the msg will bounce.
    SPAM: DO NOT send unsolicted mail to this list.
    UNSUBSCRIBE: email "unsubscribe ids" to majordomouow.edu.au
    -----------------------------------------------------------------------------
    See http://cve.mitre.org/ to start.

    -John

    -----Original Message-----
    From: João Abrantes [mailto:Joao.Abrantesnetpartner.pt]
    Sent: Monday, May 20, 2002 12:01 AM
    To: 'idsuow.edu.au'
    Subject: IDS: Vulnerability Categorization

    Hi!
     
                We are a group of consultants doing some security auditing and
    we are trying to improve our vulnerability categorization system. We would
    like to introduce the following three fields in our vulnerability database:
    - Attack Complexity (how difficult is to make that attack)
    - Attack Popularity (how popular is that attack)
    - Resolution Easiness (how easy it is to solve the problem)
     
    Does anyone usually do this kind of categorization for found
    vulnerabilities? How do you usually do it?
    Is there a standard source of information that can help us do this kind of
    work?
     
    Just another question... Dow anyone know of any automated tools to do a
    security audit to an Informix database?
     
    Thanks in advance,
                João Abrantes

    NETPARTNER - Consultoria e Serviços em
    Comunicações Empresariais, Lda

    Av. Duque D'Ávila, 23 1000-138 Lisboa, Portugal
    Tel: +351-213511420 / Fax: +351-213511421
    Web: http://www.netpartner.pt

    Este e-mail foi verificado por software anti-virus.
    This e-mail has been checked for viruses.

    AVISO
    Esta mensagem (incluindo quaisquer anexos) pode conter informação
    confidencial para uso exclusivo do destinatário. Se não for o destinatário
    pretendido não deverá usar, distribuir ou copiar este e-mail. Se recebeu
    esta mensagem por engano por favor informe o emissor e elimine-a
    imediatamente. As opiniões emitidas nesta mensagem não são necessariamente
    as da NETPARTNER. Obrigado.

    DISCLAIMER
    This e-mail (including any attachments) may contain confidential information
    for exclusive use of its recipient. If you are not the intended recipient
    you must not use, distribute or copy this e-mail. If you have received this
    e-mail in error please notify the sender and delete it immediately. Any
    views expressed in this e-mail are not necessarily the views of NETPARTNER.
    Thank You.