Network risk management using attacker profiling. Ram Dantu. 200. Sign In. Security administration is an uphill task to implement in an enterprise network providing secured corporate services.
With the slew of patches being released by Microsoft, HP and other vendors, system administrators require a barrage of tools for analyzing the risk due to these vulnerabilities. In addition to this, criticalities in patching some end hosts (e.g., in hospitals) raises serious security issues about the network to which the end hosts are connected.
A language for inquiring about the run-time behaviour of programs. Jacques Cohen. 2006; Software: Practice and Experience - Wiley InterScience. Attack language. BackTrack Linux - Penetration Testing Distribution. Main Page - Offensive-security.com. The Metasploit Project. National Vulnerability Database CVSS Scoring. NVD Now Supports CVSS Version 2.0 (June 20, 2007)!!
The Common Vulnerability Scoring System (CVSS) provides an open framework for communicating the characteristics and impacts of IT vulnerabilities. Its quantitative model ensures repeatable accurate measurement while enabling users to see the underlying vulnerability characteristics that were used to generate the scores. Thus, CVSS is well suited as a standard measurement system for industries, organizations, and governments that need accurate and consistent vulnerability impact scores. Two common uses of CVSS are prioritization of vulnerability remediation activities and in calculating the severity of vulnerabilities discovered on one's systems.