On Monday 22 April 2002 06:40 pm, H D Moore wrote: > This perl script will create a snort-like "map" of nessus plugins to their > appropriate references.
I know its bad taste to reply to myself, but thought this bit might be useful: The snort-msg.map file contains more than just CVE references, it also lists bugtraq ids, mcafee ids, reference urls, and a couple other types. This means if you can correlate a nessus plugin to a snort signature, you also get a list of new references for that plugin. This works both ways, some of the snort sigs may be missing info that the plugins have, but they match on the CVE id. During the first run, I was able to match up about 400 plugins->sigs automatically. Brian only contributed CVE/CAN numbers for those vulnerabilities which were rated as high risk, so there are still quite a few left to fill in (if not the script_cve_id, then the script_bugtraq_id). It would be nice to be able to generate these references from an online web app (which was the goal of my previous project), but I never got around to finishing it. Is anyone else interested in this project? -HD
