Dear all,
I have an installation of PF version 8.3 with various backends, three
network profiles, an intrusion detector and
a server to check the compliance of the hosts connecting to the network.
It is an installation made about 3 years ago which is working without
any problems.
Now I need validation from the community on compliance feature. When
configuring a violation,
the manual says that you must specify all the vulnerabilities related
individual OIDs that
must be kept under control. What does this mean ?
Does it mean that PF reacts executing the action specified in the
trigger only following a vulnerability that
I've written in the list ?
If this is true it means that I have to write an extremely long list of
codes in advance, keep it constantly updated
and -even if you can probably put more OIDs with a wildcard character or
simply not specifying the final part of the number (*.)-
with this mechanism I can't manage the level overall vulnerability but
only individual bugs.
I use Greennone / Openvas but from the manual I read that a similar
thing can be done with Nessus.
Cuold you tell me, why does PF read a single OID instead of the overall
result produced by the scanners, which is a number from 0 to 10,
and why does it execute an action only when this value is higher than a
certain level ?
I believe that this possibility, if it is not already present, would be
very welcome to many users.
Lots of thanks !
Best Regards
Enrico
--
_______________________________________________________________________
Enrico Becchetti Servizio di Calcolo e Reti
Istituto Nazionale di Fisica Nucleare - Sezione di Perugia
Via Pascoli,c/o Dipartimento di Fisica 06123 Perugia (ITALY)
Phone:+39 075 5852777 Skype:enrico_becchetti
Mail: Enrico.Becchetti<at>pg.infn.it
______________________________________________________________________
_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users
