tony toni [mailto:[EMAIL PROTECTED]]
Sent: Friday, May 31, 2002 6:33 PMTo: [EMAIL PROTECTED]
Subject: Nessus Security Reporting..Inconsistent Reporting?
Hi,
I started using Nessus about a month ago. The security metrics that I use
is that the IT Server Staff must review/correct Nessus security fi
"High" Severity means that a lot of damange can be done if the vulnerability is
exploited (in other words intruder gets root permissions) In some cases intruder gets
"nobody" permissions, Anyway
Severity ratings means what/how much damage can be done if the vulnerability is
exploited.
Where
Hi,
I started using Nessus about a month ago. The security metrics that I use
is that the IT Server Staff must review/correct Nessus security findings
that are rated as "High" in the severity column of the report and/or if the
risk factor is "Serious" in the Description column.
I know this