Hello Chandra, thanks for the good work!
On Freitag, 12. Dezember 2008, Chandrashekhar B wrote: > I have updated the CR stating that compendium will be updated based on the > outcome of CR-23. Also, I have tried to describe the families (some just > can't be described :)) > > Please refer to, > http://www.openvas.net/openvas-cr-23.html > > If there are no more suggestions, we'll start working on the changes and > also update the compendium. We should first call for a vote before starting to work on it. Some suggestions: * Brute force attacks: the definitions sound like this is the group of "dangerous" NVTs. Am I correct with this assumption? We might want to elaborate a bit more in the description. (ah, I see you did similar in Denial of Service, perhaps repeat it for brute force?) * Default Unix Accounts: Shouldn't this be generalized into "Default Accounts"? * there are some families without a description text. Most are self-explanatory. I'd prefer though a short sentence for any of them. However, it is not mandatory yet to find a precise definition as we inherited a inconsistent naming scheme from Nessus. Effects: Assume we adjust names as proposed in openvas-plugins and thus in the feed. What will happen to current users and their tasks/scopes? Should we announce this change before putting into feed to make people not wonder? Design and Implementation: Perhaps add a item, that we implement a little tool that runs though all NVTs and checks for undefined family names? Best Jan -- Dr. Jan-Oliver Wagner | ++49-541-335 08 30 | http://www.intevation.de/ Intevation GmbH, Neuer Graben 17, 49074 Osnabrück | AG Osnabrück, HR B 18998 Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner _______________________________________________ Openvas-devel mailing list Openvas-devel@wald.intevation.org http://lists.wald.intevation.org/mailman/listinfo/openvas-devel
