From owner-freebsd-security Fri Dec 15 16:44: 9 2000 From owner-freebsd-security@FreeBSD.ORG Fri Dec 15 16:44:05 2000 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from sunny.pacific.net.sg (sunny.pacific.net.sg [203.120.90.127]) by hub.freebsd.org (Postfix) with ESMTP id B82D837B400 for ; Fri, 15 Dec 2000 16:44:04 -0800 (PST) Received: from pop1.pacific.net.sg (pop1.pacific.net.sg [203.120.90.85]) by sunny.pacific.net.sg with ESMTP id eBG0i1o25371; Sat, 16 Dec 2000 08:44:01 +0800 (SGT) Received: from gchang (spoff250.pacific.net.sg [203.120.94.250]) by pop1.pacific.net.sg with SMTP id IAA09335; Sat, 16 Dec 2000 08:44:01 +0800 (SGT) Message-ID: <005e01c066f8$9da172a0$fa5e78cb@gchang> From: "James Lim" To: "Anil Jangity" , "jrz" Cc: References: Subject: Re: Security Update Tool.. Date: Sat, 16 Dec 2000 08:39:14 +0800 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4522.1200 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi all, brilliant idea James Lim Technical Support Executive Pacific Internet Limited 89 Science Park Drive #02-05/06 The Rutherford Singapore 118261 Finger evilfry@sg.freebsd.org for PGP key. ----- Original Message ----- From: "Anil Jangity" To: "jrz" Cc: Sent: Saturday, December 16, 2000 8:42 AM Subject: Re: Security Update Tool.. > I think he was looking for something a little more "automated". Something > like IE's "Window's update" for freebsd ;-) > > I don't think its too difficult to do this, all you do is do ident on any > binaries that are on the local system and compare the version with the > version string in the advisories... the advisory might need some > formatting changes? > > just thinking out loud. > > > Fri, 15 Dec 2000 (4:41pm -0800) Message: > > @ >> My question is, is there a util yet that in theory (maybe if so, or if > @ >> someone writes one would work differently than what I'm imagining) queries a > @ >> central database with all the security advisories, checks the local system > @ >> for comparisons and vulnerabilities against that database and reports to the > @ >> user who ran the util. > @ >> > @ >> ie, sacheck -H sa-host.freebsd.org > @ > @ would be fairly easy to write a shell or perl script that checks for current > @ advisories and prints it out in pretty format. > @ > @ -jrz > @ > @ > @ > @ --- > @ Jacob Zehnder | Systems Engineer > @ CNM Network | http://www.cnmnetwork.com > @ business: jrz@cnmnetwork.com > @ other: jrz@rackmount.org > @ --- > @ "Where am I, and what am I doing in this handbasket?" > @ > @ > @ > @ To Unsubscribe: send mail to majordomo@FreeBSD.org > @ with "unsubscribe freebsd-security" in the body of the message > @ > @ > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message