On Fri, 4 Apr 2003, Michael Scheidell wrote: > [ Charset ISO-8859-1 unsupported, converting... ] > > hi guys > > > > can somebody tell me wat is the definition of > > Not quite, RISKS classify the severity of a vulnerability. The security notes/warnings/hole do too, but to a lesser extent. I research this a couple of months ago, you can find more information at my website: http://www.rit.edu/~wjh3710/plugin_stats.html
> > 1. Security Hole > something you need to fix now. the attack was a success and poses a great security risk > > > 2. Security Warning > something you need to fix soon the attack was a success but is not a great security problem > > 3. Security Note > something you need to fix when you get around to it, or just some > information that you should consider. information was found about you system through scans/banners > Some of the security notes are NOT vulnerabilities because they can't be prevented. Also, a majority of the plugin authors associate a risk with their plugin. IMHO, the risk should be used to determine if/when some vulnerability should be fixed. > > > > in context of nessus. > > > > regards, > > Bish > > > > __________________________________________________ > > Yahoo! Plus > > For a better Internet experience > > http://www.yahoo.co.uk/btoffer > > > > -- > Michael Scheidell, CEO > SECNAP Network Security, LLC > Sales: 866-SECNAPNET / (1-866-732-6276) > Main: 561-368-9561 / www.secnap.net > Looking for a career in Internet security? > http://www.secnap.net/employment/ > ---------------------- William Heinbockel Rochester Institute of Technology E-mail: [EMAIL PROTECTED]
