From: xelerated (xelerated@gmail.com)
Date: Fri Apr 14 2006 - 20:16:25 EDT
I ask for a purely regulatory/auditor stand point.I realize its out dated, and its not what i focus on, butwith a large org, with to many hands in the pot,if a sans top 20 issue is out there, i HAVE to clear it upbefore an auditor finds it.
Plus, its nice for them to see that we do it, just forthe horse and pony show.
On 4/14/06, Tim <pand0ra.usa@gmail.com> wrote:> May I ask why? In my _opinion_, basing vulnerability scans on the SANS> Top 20 is a step towards disaster. Keep in mind that the SANS Top 20> is not updated on a frequent basis, I believe it is done quarterly. If> (I am not saying this is a certainty) the system is out of date on> patches the SANS Top 20 will probably not flag all of the issues.>> I have seen organizations base their scanning policy on the ST20> thinking they were covered. When we came in to do an audit the scans> revealed MANY more issues then they were aware of. At that point we> had to calm them down and explain why their scans differed so much> from ours. In my personal opinion I think the ST20 is fun to look at> but is a disaster waiting to happen.>> The only benefit I can see in doing this is to show the> client/management that only following the ST20 is setting them up for> a compromise. As for your original question you can manually go> through the plugins and map those back to the ST20
. I don't remember> if there is some way to search for those.>> On 4/14/06, xelerated <xelerated@gmail.com> wrote:> > I have looked pretty heavily for an easy way to generate an Sans Top 20> > result list from a nessus scan.> >> > Be it a filter and doing just a scan for sans top 20's or> > filtering from an already ran scan.> >> > The closest thing I have found was update-nessusrc.> > So far i cant get it to generate a new rc for the top 20s.> > It just hangs.> >> > Is there any way to get a Top 20 report for nessus?> >> >> > Thanks> > Chris> >>>> --> Tim>
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:50 EDT