[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Common (basic) security checks for a base installation?



On Thu, Dec 26, 2002 at 08:51:31PM +0100, Florian Weimer wrote:
> Javier Fernández-Sanguino Peña <jfs@computer.org> writes:
> 
> > - detect if security updates are available and warn the administrator
> 
> You might want to look at OVAL, which tries to support such a tool
> using a standardized input format.

	That's different of what I'm proposing since OVAL tries to do local
security checks to determine if the system is vulnerable. That's more like
what Tiger does (not just check for updates). 
	Also OVAL is currently a "work in process" and there's still a lot
of work to do to create OVAL checks for all known (CVE-defined)
vulnerabilities.

	Javi

Attachment: pgpbaGOnAClW9.pgp
Description: PGP signature


Reply to: