Re: Vulnerability scanners

• Previous message: Michael Welch: "RE: Vulnerability scanners"
• In reply to: Dan Lynch: "Vulnerability scanners"
• Next in thread: Paris Stone: "RE: Vulnerability scanners"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Fri, 28 Mar 2003 07:58:39 +0100
From: Anders Thulin <Anders.Thulin@kiconsulting.se>
To: Dan Lynch <dan.lynch@placer.ca.gov>

Dan Lynch wrote:

> Any input you can offer is greatly appreciated.

   One of the more important factors to consider, I think,
is if the reporting fits your planned workflow, or if you
have to butcher it to make it work.

   I'm thinking mainly of the things that have to be done:
the 'action lists' to be given to the sysadmins. If reporting
can be done in terms of their real areas of responsibility it's
better than if you get a report in terms of C-nets, or types
of vulnerability, and have to cut and paste it to the form you
want it.

   Of course, in a stable network, it may not matter much, and
things won't change a lot. In a newwork with only one sysadmin,
again, this is not a major issue. In a university-type network --
lots of more or less autonomous nets where anything can and does
happen -- it may be very important to ensure reports get out
as quickly as possible.

-- 
Anders Thulin   anders.thulin@kiconsulting.se   040-661 50 63	
Ki Consulting AB, Box 85, SE-201 20 Malmö, Sweden
top spam and e-mail risk at the gateway.
SurfControl E-mail Filter puts the brakes on spam & viruses
and gives you the reports to prove it. See exactly how much
junk never even makes it in the door. Free 30-day trial:
http://www.surfcontrol.com/go/zsfptl1

• Previous message: Michael Welch: "RE: Vulnerability scanners"
• In reply to: Dan Lynch: "Vulnerability scanners"
• Next in thread: Paris Stone: "RE: Vulnerability scanners"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: Paging plus. net and F9 newserver users. ... business simply is not>> worth the effort but that won't happen ... How does reporting it make more work for the spammers? ... the spam and then click delete. ... and the bulk of people won't bother either. ... (uk.rec.motorcycles) Re: Massive increase of spam on debian-*@l.d.o ... >> I'm reporting the spam. ... Most well-run ISPs ignore Spamcop reports. ... Over 90% of the spam I'm getting/blocking is relayed through ... Complaining to Chinanet Guangdong Province is not effective, ... (Debian-User) Re: Bogus abusive spam complaint from Robert Perkis REPORTED TO HIS ISP! ... Sorry about incorrectly reporting your illegal chain letter ... > Following my rant is a message that one of your users, Robert Perkis, posted ... It IS NOT SPAM. ... > Newsgroups: rec.gambling.lottery ... (rec.gambling.lottery) Re: Goldbuyer voices his concerns ... the gold-selling spam in the game can be interpreted as consent from ... Blizzard, regardless of the TOS. ... The coming patch will take care of some of it, but the spam that annoys ... Have there be repercussions for falsely reporting another player. ... (alt.games.warcraft) Re: attachment and e-mail where to report these security issues? ... "On Button Reporting" of spam is not. ... NOT true for spam. ... key step in "One Button Reporting" is verification by the antivirus ... > Yes - the antivirus program is a good place to originate notifications ... (microsoft.public.security.virus)