[Openvas-commits] r6121 - trunk/doc/website

scm-commit@wald.intevation.org scm-commit at wald.intevation.org
Thu Dec 10 10:18:19 CET 2009


Author: mwiegand
Date: 2009-12-10 10:18:18 +0100 (Thu, 10 Dec 2009)
New Revision: 6121

Modified:
   trunk/doc/website/openvas-cr-23.htm4
Log:
Removed SLAD, added Compliance. Corrected spelling, flushed superfluous whitespace.


Modified: trunk/doc/website/openvas-cr-23.htm4
===================================================================
--- trunk/doc/website/openvas-cr-23.htm4	2009-12-09 23:23:54 UTC (rev 6120)
+++ trunk/doc/website/openvas-cr-23.htm4	2009-12-10 09:18:18 UTC (rev 6121)
@@ -30,13 +30,13 @@
 
 <p>
 Status: In discusssion.
-Votes: +7, in progress 
+Votes: +7, in progress
 </p>
 
 <h3>Purpose</h3>
 
 <p>
-To establish standard script families (script_family) usage for the OpenVAS NVT's.
+To establish standard script families (script_family) usage for the OpenVAS NVTs.
 </p>
 
 <h3>References</h3>
@@ -44,22 +44,22 @@
 <h3>Rationale</h3>
 
 <p>
-Script family helps to categorize the NVT's according to the nature of
-vulnerability the NVT is describing. Also in certain cases, NVT's
+Script family helps to categorize the NVTs according to the nature of
+vulnerability the NVT is describing. Also in certain cases, NVTs
 are grouped based on the Operating System and the type of check it
 is performing.
 </p>
 
 <p>
 As of now, there is no set standard in place for NVT developers to decide upon
-families for the NVT's. There is no pre-decided set of family names documented
+families for the NVTs. There is no pre-decided set of family names documented
 for each different type of vulnerability. Also there's no restriction on the
-string format. This leads to adhoc categorization of NVT's
+string format. This leads to adhoc categorization of NVTs
 </p>
 
 <p>
 This change request proposes to document the family names for each type of
-vulnerability so that NVT developers can easily map the NVT's to an element
+vulnerability so that NVT developers can easily map the NVTs to an element
 in a pre-defined set as in the following,
 
 <pre>
@@ -140,12 +140,12 @@
 
 <li>
 <p>
-The following families are being used by some NVT's, which have to be moved to
+The following families are being used by some NVTs, which have to be moved to
 a suitable family.
 </p>
 <pre>
 ['Local test',
- 'Local test SuSE/FC/Gent./Ubuntu', 
+ 'Local test SuSE/FC/Gent./Ubuntu',
  'Windows SMB'
  'Abus de CGI'
  'Divers'
@@ -156,12 +156,12 @@
 
 <li>
 <p>
-The use of 'CGI abuses' and 'CGI abuses : XSS' is not clearly understood and 
+The use of 'CGI abuses' and 'CGI abuses : XSS' is not clearly understood and
 they are being used interchangebly. The keyword 'CGI abuses' doesn't categorize
 all the web application related security vulnerabilities.
 </p>
 <p>
-A broader category like 'Web application abuses' would cover XSS, CSRF, SQL 
+A broader category like 'Web application abuses' would cover XSS, CSRF, SQL
 Injection, File Inclusion, Directory traversal, Cookie poisoning and Input
 Validation vulnerabilities.
 </p>
@@ -169,7 +169,7 @@
 
 <li>
 <p>
-The family 'Misc.' has to be removed and the respective NVT's have to be moved
+The family 'Misc.' has to be removed and the respective NVTs have to be moved
 to an appopriate family that helps categorize the vulnerability. 'Misc.' is too
 broad a category and misleading. The category 'General' can be used for such
 purposes where NVT cannot be grouped to an existing family.
@@ -199,7 +199,7 @@
   force methods are categorized into this family. The detection mechanism
   is not limited to attempting brute force methods within itself. If an NVT
   is trying brute force methods to gain access on the target system,
-  ACT_ATTACK must be used in script_category(). 
+  ACT_ATTACK must be used in script_category().
 
 - 'Web application abuses'
   The vulnerability in question helps to conduct web based attacks such as
@@ -207,7 +207,7 @@
   Inclusion, Cookie Poisoning.
 
 - 'CISCO'
-  NVT's discvering all vulnerabilities related to Cisco devices, IOS,
+  NVTs discvering all vulnerabilities related to Cisco devices, IOS,
   Applications and management consoles are categorized into this family.
 
 - 'Default Accounts'
@@ -245,7 +245,7 @@
 
 - 'Port scanners'
   NVT is a port scanner.
-  
+
 - 'Remote file access'
   Vulnerability lets attackers have access to the remote file system.
 
@@ -258,7 +258,7 @@
   device etc.,
 
 - 'Settings'
-  NVT's that set user preferences through script_add_preference() function. 
+  NVTs that set user preferences through script_add_preference() function.
 
 - 'SMTP problems'
   Detecting vulnerabilities related to mail servers.
@@ -271,12 +271,12 @@
   system.
 
 - 'Windows : Microsoft Bulletins'
-  NVT's detecting the patch status of Windows systems based on the security
+  NVTs detecting the patch status of Windows systems based on the security
   bulletins released by Microsoft.
 
 - 'Windows'
-  NVT's detecting the vulnerabilities in all Windows Operating System
-  including other Microsoft products are categorized into this family. 
+  NVTs detecting the vulnerabilities in all Windows Operating System
+  including other Microsoft products are categorized into this family.
 
 - 'AIX Local Security Checks'
   Local Security checks developed for IBM AIX based on the security advisories
@@ -331,32 +331,32 @@
   Local Security checks developed for HP-UX based on the security
   advisories released for a package update.
 
-- 'SLAD'
-  All plugins related to SLAD
+- 'Compliance'
+  Checks related to various compliance frameworks.
 
-- 'Web Servers
-  NVT's detecting vulnerabilities in any web server or application server.
+- 'Web Servers'
+  NVTs detecting vulnerabilities in any web server or application server.
 
 - 'Buffer overflow'
   A vulnerability is a buffer overflow that lets the attacker execute arbitrary
   code on the remote system and possibly also gain system shell or cause denial
   of service.
-  
+
 - 'Privilege escalation'
   An attacker is able to improvize the access level to gain unauthorized access
   to services, applications.
 
-- 'Credentials',
-  NVT's that set credentials such as SMB, SSH using script_add_preference().
+- 'Credentials'
+  NVTs that set credentials such as SMB, SSH using script_add_preference().
 
 - 'Malware'
   NVT is attemping to detect a virus, worm, or trojan including backdoors.
 
 - 'Databases'
-  All NVT's discovering Database related vulnerabilities
+  All NVTs discovering Database related vulnerabilities
 
 - 'General'
-  NVT's that cannot be categorized into any of the above families are grouped
+  NVTs that cannot be categorized into any of the above families are grouped
   into General.
 </pre>
 
@@ -380,7 +380,7 @@
 CWE is a standard way to identify Software Weakness Types which is being
 developed by the community to serve as a standard measuring stick for software
 security tools targeting these weaknesses. Once we have better understanding
-of CWE and learn about means to map the CWE to NVT's, this standard will be
+of CWE and learn about means to map the CWE to NVTs, this standard will be
 proposed for adoption for OpenVAS NVT.
 </li>
 
@@ -409,5 +409,8 @@
    - Also updated description for "Service detection" to mean all
      detection NASL's
 </li>
-
+<li>
+  2009-12-10 Michael Wiegand &lt;michael.wiegand at intevation.de&gt;:<br>
+  - Removed 'GSHB' family, added 'Compliance' family
+</li>
 </ul>



More information about the Openvas-commits mailing list