Information Security News mailing list archives
Re: Re: SANS Top 20 Vulnerability List Updated
From: InfoSec News <isn () c4i org>
Date: Thu, 13 Dec 2001 02:52:43 -0600 (CST)
Forwarded from: Ejovi B. Nuwere <ejovi () ejovi net> Actually, this top 20 list has helped me. It gives me the ability to scan my entire network for attacks most likely to be automated or used by script kiddies. Thats a huge help. And time saver. On Tue, Dec 04, 2001 at 02:10:45AM -0600, InfoSec News wrote:
Forwarded from: Felix von Leitner <leitner () vim org> Thus spake InfoSec News (isn () c4i org):NIST has been working with SANS to provide an enhanced top 20 vulnerability list. The original list produced by SANS and the FBI contained 20 important vulnerability areas with reference to over 140 specific vulnerabilities.Short question: what the hell is going on here? What significance could this have at all besides SANS telling us that they consider themselves of earth-shattering importance? Top 20 vulnerabilities? Is this an E! franchise? Why is worthless crap like a "top 20 vulnerabilities" list even done at all? Why not pay those obviously very talented and highly respected members of the security community to actually do something useful, like _do_ something against security vulnerabilities instead of doing PR work? Sheesh. What's next? The top 20 deseases causing bowel movement? Felix
ejovi nuwere http://www.ejovi.net - ISN is currently hosted by Attrition.org To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY of the mail.
Current thread:
- Re: SANS Top 20 Vulnerability List Updated InfoSec News (Dec 04)
- <Possible follow-ups>
- Re: Re: SANS Top 20 Vulnerability List Updated InfoSec News (Dec 13)