
| Subject: | Re: Nessus Scoring System |
|---|---|
| Date: | Thu, 06 Apr 2006 16:53:19 -0400 |
At 02:02 PM 4/6/2006, mudyo26 CryptoMail User wrote:
> Is there any scoring system / risk score based on Nessus output?
> What if an organization does scanning every day and wants to know how the
> "security score" is increasing or decreasing based on vulnerabilities found (not found)?
> I read one posting by Renaud in early 2005 on the Nessus lists that it was being worked on.
Tenable has used CVSS to score vulnerabilities in Nessus for some time now. We've not gone back and scored all 10k+ plugins, but the major ones have been done. Incidentally, our passive scanning product uses CVSS scores as well.
Tenable's console product, Security Center, also does two types of scoring.
First, based on the types of data collected by Nessus or through passive monitoring, it discovers your assets. If you already have an asset list, you can upload it as well. Assets can be things like "DMZ Windows 2000 Web Servers", "Core Cisco Routers" or stuff like the "Financial Database". You can then use those assets to report on the discovered vulnerabilities and compare them to each other with trending. The advantage of doing it by asset is you get a comparative trend for each user's view of which asset groups they are authorized to see. In other words, small changes in vulns for your Cisco routers don't mean much in the grand scheme of things, but might mean a lot to the folks running your routers.
Second, the Security Center assigns point values to the low|medium|high severity levels. Through the user interface, you can do just about any type of query (with filters for Nessus IDs, families, ports, etc.) and ask it to summarize all IPs or Class A|B|C, along with a score. This way you can do a report and see which IP is the 'most vulnerable' based on a score.
If you're dealing with a pure Nessus solution, I would not discount the severity level of the underlying plugin scores. Tenable puts a great deal of thought into assigning these severity levels, but they are a level higher than something like a CVSS score.
Ron Gula, CTO Tenable Network Security
_______________________________________________ Nessus mailing list Nessus@list.nessus.org http://mail.nessus.org/mailman/listinfo/nessus
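The severity-weighted, per-IP and per-Class-C scoring with day-over-day trending that the reply describes, as an added example that is not part of the original thread or of Tenable's products. The point values per severity, the plugin IDs and the IP addresses are all constructed for illustration; Security Center's real weights are not given in the thread.

```python
from collections import defaultdict
from ipaddress import ip_address, ip_network

# Assumed point values per severity level (constructed; not Security Center's actual weights).
SEVERITY_POINTS = {"low": 1, "medium": 3, "high": 10}

def host_scores(findings):
    """Sum severity points per host. findings: iterable of (ip, plugin_id, severity)."""
    scores = defaultdict(int)
    for ip, _plugin_id, severity in findings:
        scores[ip] += SEVERITY_POINTS[severity.lower()]
    return dict(scores)

def class_c_scores(findings):
    """Roll host scores up to their /24, the 'Class C' summary described in the reply."""
    rollup = defaultdict(int)
    for ip, score in host_scores(findings).items():
        rollup[str(ip_network(f"{ip}/24", strict=False))] += score
    return dict(rollup)

def most_vulnerable(findings):
    """Host with the highest score; ties are broken by the numerically lowest IP."""
    scores = host_scores(findings)
    return min(scores, key=lambda host: (-scores[host], ip_address(host)))

def trend(yesterday, today):
    """Per-host score delta between two daily scans; a negative delta means the host improved."""
    before, after = host_scores(yesterday), host_scores(today)
    return {h: after.get(h, 0) - before.get(h, 0) for h in set(before) | set(after)}

# Constructed sample findings (ip, plugin id, severity) for two consecutive daily scans.
SCAN_DAY1 = [
    ("10.0.0.5", 10001, "high"), ("10.0.0.5", 10002, "medium"),
    ("10.0.0.9", 10003, "low"), ("10.0.1.7", 10004, "high"),
]
SCAN_DAY2 = [
    ("10.0.0.5", 10002, "medium"), ("10.0.0.9", 10003, "low"), ("10.0.0.9", 10005, "medium"),
    ("10.0.1.7", 10004, "high"), ("10.0.1.7", 10006, "high"),
]

if __name__ == "__main__":
    print("per host:", host_scores(SCAN_DAY2))
    print("per /24:", class_c_scores(SCAN_DAY2))
    print("most vulnerable:", most_vulnerable(SCAN_DAY2))
    print("trend since yesterday:", trend(SCAN_DAY1, SCAN_DAY2))
```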