[unisog] SANS Top 20

Michael Holstein michael.holstein at csuohio.edu
Mon Feb 14 19:50:52 GMT 2005


Have a look at the update-nessusrc script from nessus.org. It strips the 
CAN/CVE numbers off to match them with the scripts -- you should be able 
to re-use some of that code.

Michael Holstein CISSP GCIA
Cleveland State University

Leo Howell wrote:
> Hello List,
> Does anyone have a script, tool or some other method of converting the 
> SANS/FBI Top 20 List from the website to a tabular format such as that 
> below?
>  
> E.g.
> Top 20 #     Description                              Vulnerability #
> W1             Web Servers & Services 
> <http://www.sans.org/top20/#w1>      CAN-2003-0812 
> <http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0812>
> W1             Web Servers & Services 
> <http://www.sans.org/top20/#w1>      CAN-2003-0813 
> <http://cve.mitre.org/cgi-bin/cvename.cgi?name=2003-0813>
> W1             Web Servers & Services 
> <http://www.sans.org/top20/#w1>      CAN-2003-0352 
> <http://cve.mitre.org/cgi-bin/cvename.cgi?name=2003-0352>
> W2             _Workstation Service_            CAN-2003-0812 
> <http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0812>
> ....................
>  
>  
> I am planning to create a method, but I would be soo happy to borrow 
> from someone who has done it already.  I was kind a hoping they would 
> present a database of the Top 20 list that can be pulled down from the 
> Internet......
>  
>  
> Thanks,
>  
>  
>  
>  
>  
>  
> 
> Leo F. Howell, CISSP, CCSP, B.Sc.
> Network Security Assessments
> ACS, North Carolina State University
> 2620 Hillsborough Street, Raleigh, NC 27695
> Campus Box 7209
> (ph) 919-513-1169
> (fax) 919-513-1407
> 
> 
> ------------------------------------------------------------------------
> 
> _______________________________________________
> unisog mailing list
> unisog at lists.sans.org
> http://www.dshield.org/mailman/listinfo/unisog



More information about the unisog mailing list