Distribution of security fixes

Posted Aug 27, 2004 14:24 UTC (Fri) by jeremiah (subscriber, #1221)
In reply to: Distribution of security fixes by rwmj
Parent article: Distribution of security fixes

That's just beautiful man. I'll have to check some of my systems out now, but that's alright. That has to be the slickest flaw I've heared about in quite sometime.

Does anyone know of a place to find a list of features similar to this in type. Ie one's that a sysadmin should logically be able to create without worry, yet are completely henious? I've been doing Linux for 12 years, and have never heard of this, and I wonder where I should go to find more like it, since this is not the type of stuff to show up in most advisories.

FYI lwn staff, I'd pay for gems like this. Ie a long standing list of potential exploits that cannot be fixed by patching.

Distribution of security fixes

Posted Aug 27, 2004 14:36 UTC (Fri) by jeremiah (subscriber, #1221) [Link]

Just a follow up question, What's a nice tool for checking system security from the inside. Most tools I use either check from the outside (nessus et al) or monitor the state of the system inside (logwatch/tripwire etc.) Bastile will harden the system, but I'd like a report based thing, so that I can choose the vulnerabilites I'd like to keep as well as fix the others in a way that matches our infrastructure.