Re: managing/filtering/searching security alerts for multiple OS's

[anderson johnston <ajohns5@alumni.umbc.edu>]

I recommend a daily visit to www.securityfocus.com and every two or three
days to archives.neohapsis.com.  Not as nice as getting mail but your less
likely to miss something.

On Mon, 15 Jan 2001 bergman@merctech.com wrote:

> 
> I'm looking for a solution to correlate the multiple sources of security 
> alerts, such as bugtraq, nt-bugtraq, vendor lists, etc. against the inventory 
> of machines that we manage (linux, bsd, Solaris, NT, Win2K, HP, AIX).
> 
> We're considering the vulnerability database service offered by 
> eSecurityOnline.com, but we have a number of issues with their product.
> 
> Does anyone have experience with a comparable vendor, or have you developed 
> your own database & way of classifying and managing the stream of alert data 
> from various sources?
> 
> I'll summarize any responses back to the list.
> 
> Mark
> 
> 

-------------------------------------------------------------------------------
    _/                   /_           |	Andy Johnston
   _/_/                  /_           |	
  _/  _/    _/_/_/   /_/_/_  /_   /_  |	afj@alumni.princeton.edu
 _/_/_/_/   _/   _/ /_  /_    /_ /_   |	
_/      _/  _/   _   /_/_/_    /_     |	http://alumni.umbc.edu/~ajohns5
                              /_      |
                             /_       | (PGP Public Keys at web site)
...............................................................................
                    PGP Key Fingerprints (31-mar-2000): 
   (afj2000) 2048/271F5FA1  5D 44 1E 2E A6 7C 91 7A C4 66 5F D5 BA B9 F6 58
-------------------------------------------------------------------------------