Am Wednesday 19 November 2008 19:41:01 schrieb Thomas Reinke: > We've been noting that tests that would be, for lack of a better name, > classified as Windows local security checks are being categorized > in the family "Misc.", "General", "Denial of Service", and so on. > > These tests appear (unless we've missed a few) all the equivalent > of local security checks for linux type systems, requiring registry > access. > > Shouldn't these put into a family that reflects their nature? > E.g. existing category "Windows"? Or if this is too generic, something > like "Windows local security checks"? > > For MS bulletins, the category currently being used is "Windows", > but there is already a category specifically for these, > i.e. "Windows : Microsoft Bulletins". I suspect the various > *ms08*.nasl scripts should be using that family.
it is a long-standing issue to me that we need to consolidate the families. Perhaps the best approach is to write a CR that provides definitions (or some other sort of characterization) for the families we should maintain. This might be a challenging task and it might take some time to agree on the (potentially changed/extend) set of families. This might also relate to the thoughts about OID scheme, but I am not sure yet. Best Jan _______________________________________________ Openvas-plugins mailing list [email protected] http://lists.wald.intevation.org/mailman/listinfo/openvas-plugins
