Re: Thank you Debian

To: debian-user@lists.debian.org
Subject: Re: Thank you Debian
From: andre@rodier.me
Date: Thu, 22 Feb 2024 13:41:32 +0000
Message-id: <[🔎] ad47719c-1bfe-42a5-869c-1539bb642a2d@rodier.me>
In-reply-to: <[🔎] 875xygspm9.fsf@free.fr>
References: <[🔎] bf1a9544-890a-47ea-9d21-27847e392d08@rodier.me> <[🔎] 875xygspm9.fsf@free.fr>

On 22/02/2024 11:58, Michel Verdier <mv524@free.fr> wrote:

On 2024-02-21, Andre Rodier wrote:

> A few years ago, I created a set of Ansible scripts to code what I was already
> doing manually, so I could rebuild my server from scratch.

What makes you chose ansible instead of a debian package applying your
scripts and configurations?


I didn't want to create a new distribution, I wanted scripts to configure a bare distribution, that anyone could maintain using the standard Debian procedures afterwards.

Also, if you have a look to the solution, you will see that the integration between all the packages is not appropriate to the packages modification.


> - What is the best approach to check if there is any vulnerability in the
>   packages configuration ?
> - Is there any service that could audit the deployment code or the
>    configuration files ?

There is some debian packages for internal checks: rkhunter, tiger,
lynis, checksecurity, john, etc
Also OpenVAS https://openvas.org/ (fork from nessus) and other tools in
Kali Linux (debian-based)

Reply to:

Follow-Ups:
- Re: Thank you Debian
  - From: Michel Verdier <mv524@free.fr>

References:
- Thank you Debian
  - From: Andre Rodier <andre@rodier.me>
- Re: Thank you Debian
  - From: Michel Verdier <mv524@free.fr>

Prev by Date: 'sensors -j' and "ERROR: Can't get value of subfeature in0_input: Can't read"
Next by Date: Re: 'sensors -j' and "ERROR: Can't get value of subfeature in0_input: Can't read"
Previous by thread: Re: Thank you Debian
Next by thread: Re: Thank you Debian
Index(es):
- Date
- Thread