Hi Craig,
A follow-up:
I wrote:
>... would it be possible to respond to the following requests
>regarding the reports generated by SNS's scanning, which were made
>by campus computing support staff at a Micronet meeting on April 12,
>2005, and which I forwarded to you back then?
>
> 1. Include severity levels for each vulnerability.
> 2. Provide some way of obtaining info on non-CVE-listed vulnerabilities.
> 3. Include listings for hosts with zero detectable vulnerabilities.
> 4. Include listings for hosts which could not be reached by the scan
> (regardless of reason).
Since the impending scanning will be focused on minimum standards
compliance, requests 1 and 2 could be recast as follows:
1. Include severity levels for each vulnerability or, where possible,
each minimum standards compliance issue.
2. Provide some way of obtaining info on non-CVE-listed vulnerabilities
or on resolving compliance issues.
While the above may involve considerable effort - perhaps beyond
the scope of work that could be done in time for a near future scan,
if at all - has implementation of the recast 3rd and 4th suggestions
below been already done, or could it be done, prior to the impending
scan?
3. Include listings for hosts with zero detectable vulnerabilities
or minimum standards compliance issues.
This way, support providers will receive unambiguous information
that these hosts were scanned and "passed," rather than having
been missed by the scanning.
4. Include listings for hosts which could not be reached by the scan
(regardless of reason).
Ideally, this could be expanded to also identify which individual
minimum standards compliance scans/tests could not be performed
on a host, even if that host was reached by the scan.
That way, support providers would be informed that the scan
has *not* given a host an "all clear"; rather, that certain
areas of compliance could not be ascertained. This might also
help support providers identify hosts whose configurations may
be impeding SNS scanning.
Aron Roberts
Workstation Software Support Group
------------------------------------------------------------------------
The following was automatically added to this message by the list server:
For information about Micronet, including subscribing to
or unsubscribing from its mailing list and finding out
about upcoming meetings, please visit the Micronet Web site:
<http://micronet.berkeley.edu/>.
Received on Mon Sep 19 15:41:52 2005
This archive was generated by hypermail 2.1.8 : Mon Sep 19 2005 - 15:41:52 PDT