[ISN] Re: SANS Top 20 Vulnerability List Updated

From: InfoSec News (isnat_private)
Date: Tue Dec 04 2001 - 00:10:45 PST

  • Next message: InfoSec News: "Re: [ISN] Re: Personal Firewalls Spring Security Leaks - Update"

    Forwarded from: Felix von Leitner <leitnerat_private>
    Thus spake InfoSec News (isnat_private):
    > NIST has been working with SANS to provide an enhanced top 20
    > vulnerability list. The original list produced by SANS and the FBI
    > contained 20 important vulnerability areas with reference to over
    > 140 specific vulnerabilities.
    Short question: what the hell is going on here? What significance
    could this have at all besides SANS telling us that they consider
    themselves of earth-shattering importance?
    Top 20 vulnerabilities?  Is this an E! franchise?
    Why is worthless crap like a "top 20 vulnerabilities" list even done
    at all?  Why not pay those obviously very talented and highly
    respected members of the security community to actually do something
    useful, like _do_ something against security vulnerabilities instead
    of doing PR work?
    Sheesh.  What's next?  The top 20 deseases causing bowel movement?
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.

    This archive was generated by hypermail 2b30 : Tue Dec 04 2001 - 05:01:54 PST