Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 14 Jul 2000 14:20:38 -0700
From:      Bengt Richter <bokr@accessone.com>
To:        freebsd-security@FreeBSD.ORG
Subject:   RFC for Advisories? (Was Re: Newer/Two kinds of advisories?)
Message-ID:  <3.0.5.32.20000714142038.00908650@mail.accessone.com>
In-Reply-To: <4.3.2.20000714114005.00b67100@207.227.119.2>
References:  <Pine.BSF.4.21.0007131826350.13660-100000@freefall.freebsd. org> <Pine.BSF.4.21.0007131902540.62151-100000@srh0902.urh.uiuc.edu>
next in thread | previous in thread | raw e-mail | index | archive | help 
There are a lot of RFCs for automated notifications over the internet.
Perhaps it would be useful to think of security advisories in this light.

FreeBSD SA's provide a reference implementation of content and distribution
methodology. Others also distribute advisory information. Sometimes there
is useful cross-platform content, even beyond the immediate OS family tree.

Establishment of a standard, platform-independent (sectioned to distinguish
generic vs platform/version-specific info) format suitable for human skimming
and automated processing could have widespread benefits (IMHO).

Ideally, one could visualize logging in and seeing an automatically edited
MOTD
or additional message something like:

"NOTICE: vulnscand has received and authenticated advisory <advisory ID>,
and has (per vulnscand.conf auto option) disabled execution of
/<path to executable>
due to a level 7.2 ('Immediate Action Urgent') vulnerability.
Type vulnscan -i <advisory ID> for full info."

The RFC should not exclude the possibility of an NT-based vulnscand.exe
service
whereby possibly seeing something relevant to NT in the security log of the
NT event viewer, with automated email to the system administrator.

For those writing cgi for score-keeping web presentation, perhaps a simple
numeric scale of seriousness like the earth quake Richter (no relation :)
scale would help keep things in perspective.

HTIU (Hope this is useful)

Regards,
Bengt Richter





To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3.0.5.32.20000714142038.00908650>