Penetration Testing mailing list archives
Re: Nessus and Sans top 20
From: xelerated <xelerated () gmail com>
Date: Fri, 14 Apr 2006 20:16:25 -0400
I ask for a purely regulatory/auditor standpoint. I realize it's outdated, and it's not what I focus on, but with a large org, with too many hands in the pot, if a SANS Top 20 issue is out there, I HAVE to clear it up before an auditor finds it. Plus, it's nice for them to see that we do it, just for the horse and pony show.

On 4/14/06, Tim <pand0ra.usa () gmail com> wrote:

May I ask why? In my _opinion_, basing vulnerability scans on the SANS Top 20 is a step towards disaster. Keep in mind that the SANS Top 20 is not updated on a frequent basis; I believe it is done quarterly. If (I am not saying this is a certainty) the system is out of date on patches, the SANS Top 20 will probably not flag all of the issues. I have seen organizations base their scanning policy on the ST20 thinking they were covered. When we came in to do an audit, the scans revealed MANY more issues than they were aware of. At that point we had to calm them down and explain why their scans differed so much from ours. In my personal opinion I think the ST20 is fun to look at but is a disaster waiting to happen. The only benefit I can see in doing this is to show the client/management that only following the ST20 is setting them up for a compromise.

As for your original question, you can manually go through the plugins and map those back to the ST20. I don't remember if there is some way to search for those.

On 4/14/06, xelerated <xelerated () gmail com> wrote:

I have looked pretty heavily for an easy way to generate a SANS Top 20 result list from a Nessus scan. Be it a filter and doing just a scan for SANS Top 20s, or filtering from an already-run scan. The closest thing I have found was update-nessusrc. So far I can't get it to generate a new rc for the Top 20s. It just hangs. Is there any way to get a Top 20 report for Nessus?

Thanks
Chris

--
Tim
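The manual plugin-to-ST20 mapping Tim suggests, combined with the "filter an already-run scan" approach Chris asks about, can be scripted against a saved Nessus report. The following is an added example, not code from the thread or from Nessus: it assumes the Nessus 2.x pipe-delimited NBE report format (`results|subnet|host|port|plugin_id|severity|description`), and the plugin IDs, category labels and sample hosts are constructed placeholders, not a real mapping.

```python
import re
from collections import defaultdict

# Hypothetical mapping from Nessus plugin IDs to SANS Top 20 entries.
# IDs and labels are placeholders; a real table has to be built by reading
# each plugin's description and assigning it to an ST20 entry by hand.
ST20_MAP = {
    "11111": "ST20 entry A (placeholder)",
    "22222": "ST20 entry B (placeholder)",
    "33333": "ST20 entry C (placeholder)",
}

# NBE result lines: results|subnet|host|port|plugin_id|severity|description
NBE_RESULT = re.compile(r"^results\|([^|]*)\|([^|]*)\|([^|]*)\|(\d+)\|([^|]*)\|(.*)$")

def parse_nbe(text):
    """Yield (host, port, plugin_id, severity, description) per result line."""
    for line in text.splitlines():
        m = NBE_RESULT.match(line.strip())
        if m:
            _subnet, host, port, pid, sev, desc = m.groups()
            yield host, port, pid, sev, desc

def top20_findings(text, mapping=ST20_MAP):
    """Keep only findings whose plugin ID is mapped, grouped by ST20 entry."""
    grouped = defaultdict(list)
    for host, port, pid, sev, _desc in parse_nbe(text):
        category = mapping.get(pid)
        if category is not None:
            grouped[category].append((host, port, sev))
    return dict(grouped)

# Constructed sample report: hosts, plugin IDs and text are made up.
SAMPLE_NBE = """timestamps|||scan_start|Fri Apr 14 20:00:00 2006|
results|10.0.0|10.0.0.5|microsoft-ds (445/tcp)|11111|Security Hole|Placeholder finding
results|10.0.0|10.0.0.5|www (80/tcp)|99999|Security Note|Plugin not in the ST20 mapping
results|10.0.0|10.0.0.9|smtp (25/tcp)|33333|Security Warning|Placeholder finding
timestamps|||scan_end|Fri Apr 14 20:10:00 2006|
"""

if __name__ == "__main__":
    for category, hits in sorted(top20_findings(SAMPLE_NBE).items()):
        print(category)
        for host, port, sev in hits:
            print(f"  {host} {port} [{sev}]")
```

Unmapped plugins are dropped from the ST20 view only; the full report should still be reviewed, as Tim's point about coverage gaps applies to the mapping as much as to the list itself.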