Full Disclosure mailing list archives
Re: Vulnerability Disclosure Debate
From: Florian Weimer <fw () deneb enyo de>
Date: Thu, 07 Aug 2003 21:22:24 +0200
"Joel R. Helgeson" <joel () helgeson com> writes:
If they did that, how could we write NESSUS plugins that would accurately scan for vulnerabilities?
You don't, so you buy a proprietary scanner. Look at who's takes part in those coordinating forums. Some companies certainly have conflicting interests.
Managing security by applying patches is fundamentally flawed. The programmers need to write secure code. The onus is on them, not us.
Then why do you think it's of any importance to write Nessus plugins? 8-) _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Vulnerability Disclosure Debate gridrun (Aug 07)
- Re: Vulnerability Disclosure Debate Joel R. Helgeson (Aug 07)
- Re: Vulnerability Disclosure Debate Florian Weimer (Aug 07)
- Re: Vulnerability Disclosure Debate Ben Laurie (Aug 13)
- Re: Vulnerability Disclosure Debate Jeremiah Cornelius (Aug 07)
- Re: Vulnerability Disclosure Debate Florian Weimer (Aug 07)
- Re: Vulnerability Disclosure Debate Georgi Guninski (Aug 07)
- Re: Vulnerability Disclosure Debate Geoincidents (Aug 07)
- Re: Vulnerability Disclosure Debate Cesar (Aug 07)
- Re: Vulnerability Disclosure Debate gregh (Aug 07)
- Re: Vulnerability Disclosure Debate Matthew Murphy (Aug 07)
- Re: Vulnerability Disclosure Debate Darren Bennett (Aug 07)
- Re: Vulnerability Disclosure Debate Matthew Murphy (Aug 07)
- Re: Vulnerability Disclosure Debate Darren Bennett (Aug 07)
(Thread continues...)
- Re: Vulnerability Disclosure Debate Joel R. Helgeson (Aug 07)