[opensuse-security] OpenVAS likes to create security test environments for SUSE products
Hi, the network security scanner OpenVAS [1] has progressed a lot since I mentioned it here on this list first time. Seem like it even made it into SUSE [2]. Now we are working on a automatic generator for security checks for SUSE based on the SUSE security announcements, like this one [3]. The generator creates so-called NVTs (Network Vulerability Tests) for the language NASL and also for OVAL. This works well for the openSUSE distributions because [3] contains the RPM IDs to check for. It is not so easy for products like SLES where you have to follow a couple of links before you see the packages. This is not so simple to automize. Do you see any chance to make life easier here? Also, we are lacking identifier strings for all of the different products. We usually look into /etc/SuSE-release to find out. Is there a list somewhere with _all_ identifiers? Best regards Jan [1] http://www.openvas.org [2] http://download.opensuse.org/repositories/security:/openvas:/ [3] http://www.novell.com/linux/security/advisories/2008_55_mozilla.html -- Dr. Jan-Oliver Wagner | ++49-541-335 08 30 | http://www.intevation.de/ Intevation GmbH, Neuer Graben 17, 49074 Osnabrück | AG Osnabrück, HR B 18998 Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner -- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security+help@opensuse.org
On Fri, Jan 09, 2009 at 11:13:53PM +0100, Jan-Oliver Wagner wrote:
Hi,
the network security scanner OpenVAS [1] has progressed a lot since I mentioned it here on this list first time. Seem like it even made it into SUSE [2].
Now we are working on a automatic generator for security checks for SUSE based on the SUSE security announcements, like this one [3]. The generator creates so-called NVTs (Network Vulerability Tests) for the language NASL and also for OVAL.
This works well for the openSUSE distributions because [3] contains the RPM IDs to check for.
It is not so easy for products like SLES where you have to follow a couple of links before you see the packages. This is not so simple to automize.
Do you see any chance to make life easier here?
Yes. I have "creating OVAL descriptions" for security updates on my short range TODO list.
Also, we are lacking identifier strings for all of the different products. We usually look into /etc/SuSE-release to find out. Is there a list somewhere with _all_ identifiers?
Hmm. Not a conclusive list. :/ Ciao, Marcus -- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security+help@opensuse.org
On Freitag, 9. Januar 2009, Marcus Meissner wrote:
On Fri, Jan 09, 2009 at 11:13:53PM +0100, Jan-Oliver Wagner wrote:
the network security scanner OpenVAS [1] has progressed a lot since I mentioned it here on this list first time. Seem like it even made it into SUSE [2].
Now we are working on a automatic generator for security checks for SUSE based on the SUSE security announcements, like this one [3]. The generator creates so-called NVTs (Network Vulerability Tests) for the language NASL and also for OVAL.
This works well for the openSUSE distributions because [3] contains the RPM IDs to check for.
It is not so easy for products like SLES where you have to follow a couple of links before you see the packages. This is not so simple to automize.
Do you see any chance to make life easier here?
Yes. I have "creating OVAL descriptions" for security updates on my short range TODO list.
that'll be cool because OpenVAS can handle OVAL directly. We'd then even not need the Generator. What is "short range" in SI units? ;-)
Also, we are lacking identifier strings for all of the different products. We usually look into /etc/SuSE-release to find out. Is there a list somewhere with _all_ identifiers?
Hmm. Not a conclusive list. :/
anything helps. Best Jan -- Dr. Jan-Oliver Wagner | ++49-541-335 08 30 | http://www.intevation.de/ Intevation GmbH, Neuer Graben 17, 49074 Osnabrück | AG Osnabrück, HR B 18998 Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner -- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security+help@opensuse.org
On Sat, Jan 10, 2009 at 12:10:13AM +0100, Jan-Oliver Wagner wrote:
On Freitag, 9. Januar 2009, Marcus Meissner wrote:
On Fri, Jan 09, 2009 at 11:13:53PM +0100, Jan-Oliver Wagner wrote:
the network security scanner OpenVAS [1] has progressed a lot since I mentioned it here on this list first time. Seem like it even made it into SUSE [2].
Now we are working on a automatic generator for security checks for SUSE based on the SUSE security announcements, like this one [3]. The generator creates so-called NVTs (Network Vulerability Tests) for the language NASL and also for OVAL.
This works well for the openSUSE distributions because [3] contains the RPM IDs to check for.
It is not so easy for products like SLES where you have to follow a couple of links before you see the packages. This is not so simple to automize.
Do you see any chance to make life easier here?
Yes. I have "creating OVAL descriptions" for security updates on my short range TODO list.
that'll be cool because OpenVAS can handle OVAL directly. We'd then even not need the Generator. What is "short range" in SI units? ;-)
I had planned end of January. But I cannot promise ;)
Also, we are lacking identifier strings for all of the different products. We usually look into /etc/SuSE-release to find out. Is there a list somewhere with _all_ identifiers?
Hmm. Not a conclusive list. :/
anything helps.
I will see what I can do. The future seems to lie in "CPE". Ciao, Marcus -- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security+help@opensuse.org
participants (2)
-
Jan-Oliver Wagner
-
Marcus Meissner