Re: software security auditing in Linux-based systems

[Chad Perrin <perrin () apotheon com>]

On Thu, Jul 03, 2008 at 02:52:46PM -0400, Jon Kibler wrote:
> Chad Perrin wrote:
> > After some cursory searching, and having used a few distributions for a
> > few years, I haven't found any software vulnerability auditing software
> > for any Linux distribution equivalent to FreeBSD's portaudit or NetBSD's
> > audit-packages. 
>
> I don't know a lot about the packages you have mentioned for BSD, but
> for Linux there is OVAL, Sussen and Bastille for starters.

Bastille is a "security hardening" tool -- not even close to the same
thing.

OVAL is basically another vuxml, as far as I'm aware -- which is great,
but you still need tools based on it to actually do anything useful.

I haven't heard of Sussen before, but as a cursory check I did an
apt-cache search for it in Debian repositories.  It doesn't appear to be
there.  Worse, I don't see any sign that it integrates with the software
management system of any Linux distribution on the Sussen website[1].
Does it actually provide the sort of full, in-depth coverage for any OS
in particular that portaudit does for FreeBSD, or is it a "best effort"
third party thing that can't deal with OS-specific matters like, say,
Secunia Personal Software Inspector?

==
[1]: http://www.lbtechservices.com/projects/sussen/

-- 
Chad Perrin [ content licensed PDL: http://pdl.apotheon.org ]
The strength of any system is inversely proportional to the restrictions
on the power of tools allowed to the general public by that system.

Attachment: _bin
Description: