Re: audit security

[Brad Alexander <storm16@gmail.com>]

It depends on what you are looking for. You could set up Nessus (or nmap or something similar) to run active scans. Nessus has a (free) home feed, as well as a scheduling option. Another front end for it would be Seccubus (http://seccubus.com/).

Something lighter would be tiger, which emails you differences/changes From the Debian description,

"Debian's TIGER incorporates new checks primarily oriented towards
 Debian distribution including: md5sums checks of installed files,
 location of files not belonging to packages, check of security
 advisories and analysis of local listening processes."

You might also check out chkrootkit and rkhunter.

--b

On Tue, May 14, 2013 at 3:25 PM, Pol Hallen <deben@fuckaround.org> wrote:

> Apart from subscribing to debian-security-announce?

Hi and thanks for your reply. I already subscribed to security announce.

The difference is that portaudit show me only security hole from
installed packages and an email from each server.

I've several servers and I can't remember which services (daemons, ecc.)
installed.

Pol

--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Archive: [🔎] 51928F9C.2080909@fuckaround.org" target="_blank">http://lists.debian.org/[🔎] 51928F9C.2080909@fuckaround.org