Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: Oliver Petruzel (opetruzelcox.rr.com)
Date: Sun Apr 07 2002 - 01:37:37 CST
I think what he seeks are power-point presentation bullet-points... such
as "x number of companies reported bind hacks in 2001" etc...
SANS is a good start for info, and projects at secfocus are good
From: Valdis.Kletnieksvt.edu [mailto:Valdis.Kletnieksvt.edu]
Sent: Friday, April 05, 2002 11:59 PM
Subject: Re: hello
On Sat, 06 Apr 2002 10:16:19 +0800, xzchen <xzchensei.xjtu.edu.cn>
> Hi,I am engaged in the vulnerability assessment. Now I am lack of
> the statistic results about the exploting incidents of some
> vulnerabilities.How can I get some statistic data about the
> exploting incidents of some vulnerabilities? Please provide me some
> reference. Thank you.
Vulnerability assessments are usually made on a specific
program/site/network. As a result, simply throwing statistics like
"18 million hosts were infected with Nimda" doesn't tell you
*ANYTHING* about whether your target is vulnerable to anything, Nimda
or otherwise. On the other hand, *IF* your network contains Linux
systems, Dave Dittrich's estimate of how long an unpatched Linux
system survives may be useful information.
-- Valdis Kletnieks Computer Systems Senior Engineer Virginia Tech