Vulnerability Development mailing list archives
Re: hello
From: Valdis.Kletnieks () vt edu
Date: Fri, 05 Apr 2002 23:59:24 -0500
On Sat, 06 Apr 2002 10:16:19 +0800, xzchen <xzchen () sei xjtu edu cn> said:
Hi,I am engaged in the vulnerability assessment. Now I am lack of the statistic results about the exploting incidents of some vulnerabilities.How can I get some statistic data about the exploting incidents of some vulnerabilities? Please provide me some reference. Thank you.
Vulnerability assessments are usually made on a specific
program/site/network. As a result, simply throwing statistics like
"18 million hosts were infected with Nimda" doesn't tell you
*ANYTHING* about whether your target is vulnerable to anything, Nimda
or otherwise. On the other hand, *IF* your network contains Linux
systems, Dave Dittrich's estimate of how long an unpatched Linux
system survives may be useful information.
--
Valdis Kletnieks
Computer Systems Senior Engineer
Virginia Tech
Attachment:
_bin
Description:
