
RE: Nessus Risk Factors

Subject: RE: Nessus Risk Factors
Date: Mon, 23 Jan 2006 16:59:00 -0500
________________________________
Subject: Re: Nessus Risk Factors

> Thanks, that list helps define how they score various risks, but is there
> documentation on how they correlate to the Nessus risk factors? And is
> there a list of all of the currently used risk factors (by Nessus)?

Risk factors as they appear in Nessus' output are uniquely and somewhat
arbitrarily assigned by each script that Nessus runs.  These ratings are
simple text inside the desc field of each nasl script.  Therefore, the best
way to identify all possible values would be to actually parse those files.


A quick grep through my plugins directory yielded 17 generally unique values
(including puzzling things like "None / High" or "None at this time") and 79
unique fields (meaning that due to punctuation, capitalization, or spacing,
uniq decided they were unique).  So if you're writing parsers, be prepared
to spend some time writing case statements to properly handle them all.  

It might actually be faster and more efficient to modify the nasls and
impose your own risk factor consistency there prior to running a scan
(especially since there are nearly 1K nasl scripts that don't output a risk
factor value, so you could add your own).  Then you could just maintain a
diff of your plugins directory to apply each time you update.  I started
doing something close to this (an Oinkmaster-type script for Nessus nasl
scripts instead of Snort rules), but the work it would've been supporting
never came to pass.

PaulM


_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
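The survey and normalization PaulM describes, written out as an added example (this is not code from the post or from Nessus): it pulls the "Risk factor" text out of the desc field of each .nasl file, counts the raw strings and their normalized form, lists scripts that carry no risk factor at all, and can rewrite a script to a single canonical spelling so the change can be kept as a diff against the plugins directory. The plugin fragments are constructed here to show the kinds of variation the post mentions ("None / High", "None at this time", trailing punctuation), and the policy of mapping a combined value such as "None / High" to the highest named level is my assumption, not Nessus behaviour.

```python
import re
from collections import Counter
from pathlib import Path

# Constructed .nasl fragments (not real Nessus plugins) illustrating the
# inconsistent "Risk factor" strings found in the desc field.
SAMPLE_PLUGINS = {
    "high_spaced.nasl": 'desc["english"] = "\nSynopsis :\nTest plugin.\nRisk factor : High";\n',
    "high_trailing_dot.nasl": 'desc = "\nRisk Factor: high.";\nscript_description(english:desc);\n',
    "mixed.nasl": 'desc = "\nRisk factor: None / High";\n',
    "none_at_this_time.nasl": 'desc = "\nRisk factor:   None at this time";\n',
    "low_nospace.nasl": 'desc = "\nrisk factor:low";\n',
    "no_factor.nasl": 'script_name(english:"No risk factor at all");\n',
}

# Matches "Risk factor : <value>" up to the end of the line or the closing
# quote of the desc string; case-insensitive to absorb "Risk Factor".
RISK_RE = re.compile(r'Risk\s*factor\s*:\s*([^\n"]*)', re.IGNORECASE)

# Ordered highest to lowest so a combined value picks the most severe level.
LEVELS = ["critical", "high", "medium", "low", "none"]
CANONICAL = {"critical": "Critical", "high": "High", "medium": "Medium",
             "low": "Low", "none": "None"}


def extract_risk_factor(nasl_source):
    """Return the raw risk factor text from a script, or None if absent."""
    m = RISK_RE.search(nasl_source)
    return m.group(1).strip() if m else None


def normalize(raw):
    """Collapse spacing, punctuation and case into one of LEVELS.

    Assumption: a combined value like "None / High" maps to the highest
    named level; "None at this time" maps to "none".
    """
    s = re.sub(r"\s+", " ", raw).strip().rstrip(".;").strip().lower()
    if not s:
        return "unknown:(empty)"
    if s in ("none at this time", "n/a"):
        return "none"
    found = [lvl for lvl in LEVELS if re.search(r"\b" + lvl + r"\b", s)]
    return found[0] if found else "unknown:" + s


def survey(plugins):
    """Count raw and normalized risk factors; list scripts with none.

    plugins: mapping of file name -> script source text.
    Returns (raw_counts, normalized_counts, sorted list of missing names).
    """
    raw_counts, norm_counts, missing = Counter(), Counter(), []
    for name, src in plugins.items():
        raw = extract_risk_factor(src)
        if raw is None:
            missing.append(name)
            continue
        raw_counts[raw] += 1
        norm_counts[normalize(raw)] += 1
    return raw_counts, norm_counts, sorted(missing)


def survey_directory(plugin_dir):
    """Run survey() over every *.nasl file in a real plugins directory."""
    plugins = {p.name: p.read_text(encoding="utf-8", errors="replace")
               for p in sorted(Path(plugin_dir).glob("*.nasl"))}
    return survey(plugins)


def rewrite_risk_factor(nasl_source):
    """Rewrite the first risk factor line to the canonical spelling.

    Unrecognized values are left untouched so nothing is silently lost.
    """
    def repl(m):
        label = CANONICAL.get(normalize(m.group(1)))
        return m.group(0) if label is None else "Risk factor : " + label
    return RISK_RE.sub(repl, nasl_source, count=1)


if __name__ == "__main__":
    raw, norm, missing = survey(SAMPLE_PLUGINS)
    print("raw values:", dict(raw))
    print("normalized:", dict(norm))
    print("no risk factor:", missing)
    print(rewrite_risk_factor(SAMPLE_PLUGINS["mixed.nasl"]))
```

Run survey_directory("/path/to/plugins") against a real plugins tree to get the raw-versus-normalized counts; the raw counter is what shows how many spellings uniq would have treated as distinct. Anything normalize() returns as "unknown:..." is a value the mapping does not know yet and should be added to the case list rather than guessed at.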
