>
> I am writing a procedure to "housekeep" a syncronized list of plugs on a
> RDBMS, but my database is case insensitive (and willing to stay so :-).
> I keep a hash of the plugin contents on the db, to acknowledge changes
> in the plugin contents. Of course the two plugs above kjeep triggering
> the "plug changed" flagging...!
If the code you are writting is GPL I would appreciate it if you
sent it to the list. I'm also writting a script (is 90% done) to extract the
plugins information from the text files to a Postgres database. My intention
is to have a full database with:
- securityfocus' bugtraq (I have made a custom script to download the
bugtraq
info from the web page, parse it and add it to an SQL database)
- CVE pages (CVE offers a csv file which can be easily added to a database,
even
though some of the information, mostly hyperlinks, is missing from it)
- ICAT database (based on CVE)
- Nessus plugins information
- Cybercop's plugins information (they are distributed in a Access database
with
the product)
That way I can, via CVE references, see all the information related to any
vulnerability and (probably) extract useful information from other
datababases so
the Solution: side of Nessus is improved.
Anyone has tried this before?
Regards
Javi
