Date: Mon, 29 Jul 2002 21:21:16 -0400 From: Jeff Palmer <scorpio@drkshdw.org> To: Hendrik Scholz <hscholz@raisdorf.net>, freebsd-security@freebsd.org Subject: Re: audit-packages like program for FreeBSD? Message-ID: <5.1.1.6.0.20020729212013.00a03140@mail.drkshdw.org> In-Reply-To: <20020730000534.84D0067B06@deimos.raisdorf.net>
next in thread | previous in thread | raw e-mail | index | archive | help
pkg_version -c works for me If all your ports are updated as needed, security issues are fixed as the portstree is updated ;-) Jeff Palmer scorpio@drkshdw.org At 10:05 AM 7/30/02 +1000, Hendrik Scholz wrote: >Hi! > >While using NetBSD I discovered the audit-packages package. >Basicly it consists of a script and a text file. >The text file contains information about packages/ports that are >vulnerable to any kind of remote/local/dos attack. >The script can be run by the daily cron job and then checks if one of the >installed packages is mentioned in the list of vulnerable packages. >If so it reports package name, version, type of bug and an URL to an >advisory as part of the cron report. >The text-file can be updated with ftp/wget/... > >As I've been thinking about this I just want to know if someone is >interested in this for FreeBSD? > >Writing the script itself should be no problem for me but maintaining the >vulnerability database could become difficult as the number of ports grow. >A script that crawls through the ports cvs tree and checking for ports >marked forbidden since the last run would be a good start but for >unmaintained ports bugtraq/vuln-watch/... has to be read. >Any ideas how to get more input? > >Which language to use? >Perl would do fine for this job but as Perl isn't in the base system >anymore a shell script or c program would be better if it should be >possible to run this as part of the daily cron job. >If I start with this what language should I use? > >Thanks for all comments, Hendrik > >P.S. I won't be able to answer all questions immediatly as I'm on vacation :) > >-- >Hendrik Scholz - <hscholz@raisdorf.net> - http://raisdorf.net/ > >drag me, drop me - treat me like an object > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5.1.1.6.0.20020729212013.00a03140>