Re: hello

From: Valdis.Kletnieks@vt.edu
Date: Fri Apr 05 2002 - 23:59:24 EST

• Next message: 3APA3A: "Re: Techniques for Vulneability discovery"
• Previous message: xzchen: "hello"
• In reply to: xzchen: "hello"
• Next in thread: Oliver Petruzel: "RE: hello"
• Reply: Oliver Petruzel: "RE: hello"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

On Sat, 06 Apr 2002 10:16:19 +0800, xzchen <xzchen@sei.xjtu.edu.cn> said:

> Hi,I am engaged in the vulnerability assessment. Now I am lack of
> the statistic results about the exploting incidents of some
> vulnerabilities.How can I get some statistic data about the
> exploting incidents of some vulnerabilities? Please provide me some
> reference. Thank you.

Vulnerability assessments are usually made on a specific
program/site/network. As a result, simply throwing statistics like
"18 million hosts were infected with Nimda" doesn't tell you
*ANYTHING* about whether your target is vulnerable to anything, Nimda
or otherwise. On the other hand, *IF* your network contains Linux
systems, Dave Dittrich's estimate of how long an unpatched Linux
system survives may be useful information.

-- 
				Valdis Kletnieks
				Computer Systems Senior Engineer
				Virginia Tech

• application/pgp-signature attachment: stored

• Next message: 3APA3A: "Re: Techniques for Vulneability discovery"
• Previous message: xzchen: "hello"
• In reply to: xzchen: "hello"
• Next in thread: Oliver Petruzel: "RE: hello"
• Reply: Oliver Petruzel: "RE: hello"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 22:28:03 EDT