Date: Fri, 15 Dec 2000 16:22:22 -0800 From: Alfred Perlstein <bright@wintelcom.net> To: Some Person <ntvsunix@hotmail.com> Cc: freebsd-security@FreeBSD.ORG Subject: Re: Security Update Tool.. Message-ID: <20001215162222.P19572@fw.wintelcom.net> In-Reply-To: <F184Mum03yMJiQTyfPe00000f1e@hotmail.com>; from ntvsunix@hotmail.com on Sat, Dec 16, 2000 at 12:16:29AM %2B0000 References: <F184Mum03yMJiQTyfPe00000f1e@hotmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
* Some Person <ntvsunix@hotmail.com> [001215 16:16] wrote: > Hey ppl. Sorry I just joined the list so I dunno what kinda posts usally go > on here but I was just browsing www.freebsd.org/security and... It's usually a good idea to read the list charter and watch a couple of emails go by before posting to it. Your post seems pretty much on topic though. > Well, seeing there's new security discoveries, patches and a whole schlew of > CERT advisories etc.. it's hard to keep up with what needs securing, and > what to secure, from the base system, from the ports, etc. > > My question is, is there a util yet that in theory (maybe if so, or if > someone writes one would work differently than what I'm imagining) queries a > central database with all the security advisories, checks the local system > for comparisons and vulnerabilities against that database and reports to the > user who ran the util. > > ie, sacheck -H sa-host.freebsd.org > > I completely made that up, but jsut an idea. ie, sacheck (security advisor > check) checks against -H sa-host.freebsd.org. > > Please, if I sound like a complete idiot, no need to flame.. ;) I'm trying > to explain what I think would be a good idea in the best way I can via email > and I'm still an intermediate (non-expert) FreeBSD user. I don't know > programming (yet) so I probly don't have all the terms, but I do have ideas. > > ps: Hope I did make atleast some sense in describing my idea. It's actually a very good idea. On FreeBSD you can output the name/version of all the installed packages just by typing 'pkg_info' if someone were to setup a website with a simple database one could just make http requests to it about each installed package. Now the question is... If you just asked someone if your version of wu-ftpd is safe or not, and they know the source IP... can you trust them? :) -- -Alfred Perlstein - [bright@wintelcom.net|alfred@freebsd.org] "I have the heart of a child; I keep it in a jar on my desk." To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20001215162222.P19572>