Families are decided in most cases based on the characteristics of the vulnerability. I can start with the documentation.
Thanks, Chandra. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Michael Wiegand Sent: Monday, November 24, 2008 2:55 PM To: [email protected] Subject: Re: [Openvas-plugins] Script family for windows local checks * Jan-Oliver Wagner [21. Nov 2008]: > it is a long-standing issue to me that we need to consolidate the > families. > > Perhaps the best approach is to write a CR that provides definitions > (or some other sort of characterization) for the families we should > maintain. This might be a challenging task and it might take some time > to agree on the (potentially changed/extend) set of families. > > This might also relate to the thoughts about OID scheme, but I am not > sure yet. I agree. I've thought about integrating the family in the OID, but then again an NVT might belong to more than one family. I think a more flexible approach would be best instead of forcing an organisation along family lines. It might be more useful to some people to sort them by CVE, affected product, affected service or whatever. Regards, Michael -- Michael Wiegand | OpenPGP key: D7D049EC | http://www.intevation.de/ Intevation GmbH, Neuer Graben 17, 49074 Osnabrück | AG Osnabrück, HR B 18998 Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner _______________________________________________ Openvas-plugins mailing list [email protected] http://lists.wald.intevation.org/mailman/listinfo/openvas-plugins _______________________________________________ Openvas-plugins mailing list [email protected] http://lists.wald.intevation.org/mailman/listinfo/openvas-plugins
