an earlier comment from ron gula touched on how some vulns are remote etc.
as of a few days ago, here's some quick numbers around the "range" element
(where the attack can be mounted from) from the NVD, which annotates CVE
entries. note that some attacks can have multipe range attributes.
nvd=# SELECT range_type, count(range_type) from range group by range_type;
range_type | count
---------------+-------
local | 5368
remote | 19697
user_init | 3121
network | 6929
local_network | 114
(5 rows)
data from http://nvd.nist.gov/, imported into a local SQL database for
use.
________
jose nazario, ph.d. http://monkey.org/~jose/
------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw
to learn more.
------------------------------------------------------------------------
