Security Basics mailing list archives
software security auditing in Linux-based systems
From: Chad Perrin <perrin () apotheon com>
Date: Thu, 3 Jul 2008 10:52:17 -0600
After some cursory searching, and having used a few distributions for a few years, I haven't found any software vulnerability auditing software for any Linux distribution equivalent to FreeBSD's portaudit or NetBSD's audit-packages. In fact, FreeBSD seems to have two such tools, as it can claim vxquery in addition to portaudit, and I have yet to find even one such tool for any Linux distribution. Have I missed something obvious? Is there such a tool for any Linux distribution out there? Failing that -- is there at least something like the vuxml RSS feeds [1] for FreeBSD and OpenBSD, but for Linux distributions instead? If no comparable vulnerability auditing tools exist for any Linux distributions, this seems like a pretty significant oversight. == [1]: http://www.vuxml.org/ -- Chad Perrin [ content licensed PDL: http://pdl.apotheon.org ] McCloctnick the Lucid: "The first rule of magic is simple. Don't waste your time waving your hands and hopping when a rock or a club will do."
Attachment:
_bin
Description:
Current thread:
- software security auditing in Linux-based systems Chad Perrin (Jul 03)
- Re: software security auditing in Linux-based systems Jon Kibler (Jul 03)
- Re: software security auditing in Linux-based systems Chad Perrin (Jul 04)
- Re: software security auditing in Linux-based systems Gleb Paharenko (Jul 04)
- <Possible follow-ups>
- Re: software security auditing in Linux-based systems Chad Perrin (Jul 04)
- Re: software security auditing in Linux-based systems Jon Kibler (Jul 03)