[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [hobbit] monitoring patch status?
- To: <hobbit (at) hswn.dk>
- Subject: Re: [hobbit] monitoring patch status?
- From: "T.J. Yang" <tj_yang (at) hotmail.com>
- Date: Sun, 16 Nov 2008 10:14:31 -0600
- Importance: Normal
- References: <1226702319.11679.13.camel (at) mcdonalddj-dc.austin-energy.net> <a60f25fc0811141624o46092360h5b54ace88ee23686 (at) mail.gmail.com> <BAY138-DS784D2EF4962535869ED8C9F110 (at) phx.gbl> <Pine.LNX.4.64.0811151255200.31457 (at) pal32.desy.de> <7024c8c80811152317kb6be87alc7e50334f18b25f (at) mail.gmail.com>
--------------------------------------------------
From: "Tracy Di Marco White" <gendalia (at) iastate.edu>
Sent: Sunday, November 16, 2008 1:17 AM
To: <hobbit (at) hswn.dk>
Subject: Re: [hobbit] monitoring patch status?
On Sat, Nov 15, 2008 at 5:59 AM, Martin Flemming
<martin.flemming (at) desy.de> wrote:
Yep, somedays ago i've "found" pca too,
and a xymon-module for it will be great !
.. maybe for redhat-clones there will be yum to use,
has got somebody work for it ? :-)
I had one of our students write a package auditing script for RHEL
5.1, something to match the NetBSD pkgsrc security auditing script we
use on all our NetBSD machines.
The RHEL version requires 'yum
install yum-security' and consists of:
yum-audit - checks security status of yum installed packages on RHEL 5.1
and greater
I have RH machines ranging from RH9 to RHEL4.
My interest is to learn how to implement counter part of Solaris pca that
compare with a
central patch/package database file(s) on web server. Audit is the main
interest here.
This way xymon-pca module can report missed patchs/pkgs on one single
column.
yum-get-audit-script - to be set up as a root cron job to pull the
security
statuses from yum
yum-cve.ignore - an example CVE ignore file to tell the script with CVE's
to mark as green
- its location is specified in the yum-audit script
If others are interested, I'll see about making them available.
I am interested about the *.src.rpm to see/learn how you did it.
tj
-Tracy
To unsubscribe from the hobbit list, send an e-mail to
hobbit-unsubscribe (at) hswn.dk