Using the OSSIM host vulnerability scanning system

Finding vulnerabilities costs an enterprise a great deal of effort; simply installing a vulnerability scanner on a server does not achieve much. This is not because the enterprise has a large number of servers and host devices, with servers and networking devices connected at different rates, but because we expect to reach the required coverage over time. Many European, American and international security organizations have established their own databases according to their own classification criteria; the mainstream ones are CVE and XForce. Their advantage is that when a network security incident occurs and an intrusion detection system (IDS) generates an alarm, a standard vulnerability database such as CVE becomes extremely important. Currently, under the leadership of the National Computer Network Emergency Response Coordination Center of China (CNCERT/CC), the country is also setting up its own CVE organization, CNCVE, whose purpose is to build a CVE organization with Chinese characteristics that serves the majority of domestic users. That is not to say that it includes every CVE vulnerability. In addition to these open vulnerability databases, there are probably many vulnerability databases that are not open to the public, and some whose existence we simply do not know about.

1.CVE

CVE (Common Vulnerabilities and Exposures) was established by the US Department of Homeland Security (DHS) and has been managed and maintained to date by the non-profit organization MITRE.

The term "vulnerability" can be interpreted narrowly or broadly. For example, the finger service may provide a lot of useful information to an intruder, but the service is sometimes necessary for business, so the service itself cannot be said to be a security problem.

CVE standard naming

To make it easier for separate vulnerability databases and different security tools to share data with each other, CVE uses a standard naming scheme: a name is made up of "CVE", the year and a number. For example, the entry named "CVE-2008-6021" denotes vulnerability No. 6021 of 2008. The vulnerability database is shown in the figure.
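The shared name is what allows a scanner finding and an IDS alarm to be matched on the same vulnerability. The following Python code is an added example, not code from OSSIM or from the original article: it normalizes CVE names found in free text and correlates constructed scanner findings with constructed IDS alerts. The function names, hosts, sample records and the identifier `CVE-2014-123456` are assumptions, and the rule of four or more digits in the number comes from current CVE syntax, not from this page.

```python
import re
from collections import defaultdict

# CVE name = "CVE" + year + sequence number (four or more digits in current syntax).
CVE_RE = re.compile(r"\bCVE[-_ ](\d{4})[-_ ](\d{4,})\b", re.IGNORECASE)

def extract_cves(text):
    """Return the canonical CVE names found in free text, in order, deduplicated."""
    seen, out = set(), []
    for year, seq in CVE_RE.findall(text):
        name = f"CVE-{year}-{seq}"
        if name not in seen:
            seen.add(name)
            out.append(name)
    return out

def parse_cve(name):
    """Split a canonical CVE name into (year, number); raise ValueError if malformed."""
    m = re.fullmatch(r"CVE-(\d{4})-(\d{4,})", name)
    if not m:
        raise ValueError(f"not a CVE name: {name!r}")
    return int(m.group(1)), int(m.group(2))

def correlate(scan_findings, ids_alerts):
    """Return IDS alerts whose CVE was also reported by the scanner on the target host."""
    vulnerable = defaultdict(set)
    for host, description in scan_findings:
        vulnerable[host].update(extract_cves(description))
    hits = []
    for target, signature in ids_alerts:
        for cve in extract_cves(signature):
            if cve in vulnerable[target]:
                hits.append((target, cve))
    return hits

# Constructed sample data (not real scan or IDS output; CVE-2014-123456 is made up).
SCAN_FINDINGS = [
    ("10.0.0.5", "Example service flaw (cve-2008-6021)"),
    ("10.0.0.7", "Example library flaw, see CVE_2014-123456"),
]
IDS_ALERTS = [
    ("10.0.0.5", "Exploit attempt ref CVE-2008-6021"),
    ("10.0.0.7", "Exploit attempt ref CVE-2008-6021"),
    ("10.0.0.9", "Port scan, no CVE reference"),
]

if __name__ == "__main__":
    for host, cve in correlate(SCAN_FINDINGS, IDS_ALERTS):
        print(f"{host}: alert matches scanned vulnerability {cve} {parse_cve(cve)}")
```

Only the alert against 10.0.0.5 is reported, because that is the only host where the scanner found the CVE named in the alert.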

CVE content is the result of a collaborative effort by the CVE editorial board. The board's members come from a number of security-related organizations, such as software developers, universities and research institutions, government organizations and some of the best security experts. CVE can be read and downloaded for free.

Figure: CVE vulnerability database

2.OSVDB

OSVDB (Open Source Vulnerability Database) is an independent open source database created and maintained by a community organization. It was first proposed at the 2002 Black Hat and Defcon security conferences as a service providing a vendor-independent vulnerability database. Like CVE, the OSVDB database is open source and free. It is maintained by security enthusiasts and is free and open to individuals and business groups. The difference is that CVE is a naming standard, which can be understood as a common data dictionary, whereas OSVDB provides detailed information on each vulnerability; OSVDB needs to refer to the CVE name.

3.BugTraq

BugTraq [3] is an Internet mailing list managed by Security Focus, and has now been acquired by Symantec Corporation. In the computer security world, BugTraq is the equivalent of the most authoritative professional magazine. Most security professionals subscribe to BugTraq because it is where they can first receive information about vulnerabilities and defects in software and systems, and can learn how to fix flaws and defend against attacks.

Next we look at an example of scanning a system for vulnerabilities with OpenVAS in OSSIM; screenshots of it at work are shown in the figures.

[Figures: screenshots of the OpenVAS vulnerability scan running in OSSIM]

This article comes from the "Li Chenguang original technology blog"; be sure to keep this source: http://chenguang.blog.51cto.com/350944/1349749

Reproduced at: https://my.oschina.net/chenguang/blog/613897

Origin blog.csdn.net/weixin_33695082/article/details/92045193