Home page logo

basics logo Security Basics mailing list archives

Re: Vulnebrability level definition
From: "R. DuFresne" <dufresne () sysinfo com>
Date: Tue, 11 Feb 2003 14:54:55 -0500 (EST)

Part of this depends upon the technical savvy of the folks you are trying
to communicatew with.  And there is prolly alot of confusion with various
rating methods in place depending upon whence one seeks such info, nessus
I think uses params much like you state here, I think mitre.org uses
something a tad different, while SAN' weekly vulnerability assessments
look to rate much as you do here.  I kinda like the SANS rating methid and
would suggest that might work as a template for you to go by.


Ron DuFresne

On Tue, 11 Feb 2003, Andres Martinez wrote:

I need a good definition for the levels of severity related with
I'm using Very High, High, Mid , Low, Warning

Any documentation, definition or Internet URL will be appreciated


Andres M

This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:

        admin & senior security consultant:  sysinfo.com

"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation."
                -- Johnny Hart

testing, only testing, and damn good at it too!

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]