RE: Automatic Security Patching for Debian
From: Adam Shephard (adams@firstfederalbanking.com)Date: 08/26/02
- Previous message: Martin, James E.: "RE: Should Security Team Be Split?"
- Maybe in reply to: Kristian Du: "Automatic Security Patching for Debian"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Adam Shephard <adams@firstfederalbanking.com> To: 'Kristian Du' <kristian_du@katamail.com>, security-basics@securityfocus.com Date: Mon, 26 Aug 2002 08:38:58 -0500
> Wouldn't it be nice to have a piece of software, such as apt-get
> combined with nessus, that port-scans your machine and retrieves from
> the net existing patches and installs them for you automatically?
Well, since you're talking about Debian specifically, you could just write a
little Perl script that
1. modifies /etc/apt/sources.list to comment out all lines except the one
containing the deb line for security updates
2. does an apt-get update
3. does an apt-get upgrade
4. modifies /etc/apt/sources.list to uncomment the lines commented out in
step 1
Throw in a cron job to run this on a regular basis and you have a system
that updates all of the existing security patches, whether you have a hole
or not.....if that is what you really want.
- Previous message: Martin, James E.: "RE: Should Security Team Be Split?"
- Maybe in reply to: Kristian Du: "Automatic Security Patching for Debian"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
