[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: managing/filtering/searching security alerts for multiple OS's
In your message dated: Tue, 16 Jan 2001 12:28:37 EST,
your pithy ruminations on <Re: managing/filtering/searching security alerts for
multiple OS's> were:
=>
=> I recommend a daily visit to www.securityfocus.com and every two or three
=> days to archives.neohapsis.com. Not as nice as getting mail but your less
=> likely to miss something.
Thanks, but that doesn't scale for 150+ admins and 2500~5000 devices being managed.
Mark
=>
=> On Mon, 15 Jan 2001 bergman@merctech.com wrote:
=>
=> >
=> > I'm looking for a solution to correlate the multiple sources of security
=> > alerts, such as bugtraq, nt-bugtraq, vendor lists, etc. against the inventory
=> > of machines that we manage (linux, bsd, Solaris, NT, Win2K, HP, AIX).
=> >
=> > We're considering the vulnerability database service offered by
=> > eSecurityOnline.com, but we have a number of issues with their product.
=> >
=> > Does anyone have experience with a comparable vendor, or have you developed
=> > your own database & way of classifying and managing the stream of alert data
=> > from various sources?
=> >
=> > I'll summarize any responses back to the list.
=> >
=> > Mark
=> >
=> >
=>
=> -------------------------------------------------------------------------------
=> _/ /_ | Andy Johnston
=> _/_/ /_ |
=> _/ _/ _/_/_/ /_/_/_ /_ /_ | afj@alumni.princeton.edu
=> _/_/_/_/ _/ _/ /_ /_ /_ /_ |
=> _/ _/ _/ _ /_/_/_ /_ | http://alumni.umbc.edu/~ajohns5
=> /_ |
=> /_ | (PGP Public Keys at web site)
=> ...............................................................................
=> PGP Key Fingerprints (31-mar-2000):
=> (afj2000) 2048/271F5FA1 5D 44 1E 2E A6 7C 91 7A C4 66 5F D5 BA B9 F6 58
=> -------------------------------------------------------------------------------
=>
=>