From owner-freebsd-security Thu Aug 27 03:29:58 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id DAA20590 for freebsd-security-outgoing; Thu, 27 Aug 1998 03:29:58 -0700 (PDT) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from mail.ftf.dk (mail.ftf.dk [129.142.64.2]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id DAA20581 for ; Thu, 27 Aug 1998 03:29:51 -0700 (PDT) (envelope-from regnauld@deepo.prosa.dk) Received: from mail.prosa.dk ([192.168.100.254]) by mail.ftf.dk (8.8.8/8.8.8/gw-ftf-1.0) with ESMTP id MAA24073; Thu, 27 Aug 1998 12:34:47 +0200 (CEST) (envelope-from regnauld@deepo.prosa.dk) Received: from deepo.prosa.dk (deepo.prosa.dk [192.168.100.10]) by mail.prosa.dk (8.8.8/8.8.5/prosa-1.1) with ESMTP id MAA15832; Thu, 27 Aug 1998 12:39:06 +0200 (CEST) Received: (from regnauld@localhost) by deepo.prosa.dk (8.8.8/8.8.5/prosa-1.1) id MAA22530; Thu, 27 Aug 1998 12:28:38 +0200 (CEST) Message-ID: <19980827122838.09246@deepo.prosa.dk> Date: Thu, 27 Aug 1998 12:28:38 +0200 From: Philippe Regnauld To: Seppo Kallio Cc: security@FreeBSD.ORG Subject: Re: post breakin log (Saint/Nessus/?) References: <199808270538.BAA01341@armitage.cylatech.com> <19980827103936.44211@deepo.prosa.dk> <19980827130401.B546@beeblebrox.cc.jyu.fi> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.88e In-Reply-To: <19980827130401.B546@beeblebrox.cc.jyu.fi>; from Seppo Kallio on Thu, Aug 27, 1998 at 01:04:01PM +0300 X-Operating-System: FreeBSD 2.2.6-RELEASE i386 Phone: +45 3336 4148 Address: Ahlefeldtsgade 16, 1359 Copenhagen K, Denmark Organization: PROSA Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Seppo Kallio writes: > > Is there good tools to make a check if my (or neighbour's) node has good > security or not? I think in principle that kind of tool is possible, but > it should be updatet daily and easy to use (so that I can run it daily). From the inside: COPS (a bit outdated) From the network: Check out SAINT, Nessus. TAMU Drawbridge NFR (this is more of a toolkit than a plug-n-play program) Commercial: ISS Scanner But mostly: good security practices :-) Check out - Robert Watson's excellent work on FreeBSD, including his hardening project: http://www.watson.org/fbsd-hardening/ - Jan Koum's FreeBSD security HowTo: http://www.best.com/~jkb/howto.txt - Guy Helmer wrote a good article in Sysadmin (can't find the URL right now), "Security tools in FreeBSD" I have available on demand a biblio. list of a few hundred (500-600) references security articles/books/papers (courtesy of Osiris@pacific.net) > Some simple tool to check our nodes and the nodes of the professors could be > very nice! Unplug them from the net :-) > I have head about http://www.wwdsi.com/saint/ (Saint) and > http://www.nessus.org/ (Nessus) how are they? Experiences? Saint is more to do verifications, it picks up where SATAN left off (and indeed uses the same interface) Nessus is more denial-of-service (indeed, it will take down anything Microsoft-related, and most commercial OSes without patches), and intrusion oriented. > I think the app should have (secure) database somewhere in net to > check the bug free popper version number for example. Or easy automatic > local database update (by 'mirror' or something). Then you want ISS scanner. -- -[ Philippe Regnauld / sysadmin / regnauld@deepo.prosa.dk / +55.4N +11.3E ]- The Internet is busy. Please try again later. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message