Vulnerability Count
George Toft
plug-discuss@lists.PLUG.phoenix.az.us
Sun, 26 Aug 2001 09:53:15 -0700
I believe the RH count totals all packages, and Win counts the OS,
Exchange, and IIS.
George
"John (EBo) David" wrote:
>
> George Toft wrote:
> >
> > Come on, it's just a script:
> >
> > #!/bin/bash
> >
> > # This script gets the list of vulnerabilities for each operating system
> > > > ...
> > > > > It would also be nice if you could plot the frequency of vulnerabilities
> > > > > over time and compare a single graph...
> > > >
> > > > A breakdown of remotely exploitable vs locally exploitable would be
> > > > good, too.
> > >
> > > agreed.
>
> Just made the time to check out the site. Most of what I wanted to see
> is there to see... I do find it interesting that they make a Linux
> aggregate (I assume the sum of all Linux distro's). This counts many,
> if not most, vulnerabilities twice. Also aggregating Win2000/NT may do
> the same (although these are supposed to be different OS's).
>
> The thing I find interesting is that RH is on par with Win* for
> vulnerabilities so far this year. Are these numbers correct? Are we
> counting apples and oranges, or is the RH count totaling all packages
> while win* counting only the OS. I really am curious about this...
>
> EBo --
> ________________________________________________
> See http://PLUG.phoenix.az.us/navigator-mail.shtml if your mail doesn't post to the list quickly and you use Netscape to write mail.
>
> PLUG-discuss mailing list - PLUG-discuss@lists.PLUG.phoenix.az.us
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss