we've amassed a veritable "zoo" of Unix-versions: RHEL4+5, CentOS5,
FreeBSD, Ubuntu and lately Solaris.
We use these for a variety of reasons and each system does its job quite
well.
However, patch-management seems to be a weak spot in most cases.
RedHat offers "RedHat Network", but it costs a lot of money (and they
charge more if you want to put your servers in groups in the RHN - WTF?)
FreeBSD offers the portaudit database - we should be able to hack
together something with that.
But what about CentOS? If you have an array of CentOS servers - how do
you track which vulnerabilities each one has?
Running yum update every night is no option.
Does CentOS also maintain a vulnerability database along the lines of
FreeBSD?
How about Solaris?
Ubuntu?
How do you track vulnerabilities across your datacenter?
we've amassed a veritable "zoo" of Unix-versions: RHEL4+5, CentOS5,
FreeBSD, Ubuntu and lately Solaris.
We use these for a variety of reasons and each system does its job quite
well.
However, patch-management seems to be a weak spot in most cases.
RedHat offers "RedHat Network", but it costs a lot of money (and they
charge more if you want to put your servers in groups in the RHN - WTF?)
FreeBSD offers the portaudit database - we should be able to hack
together something with that.
But what about CentOS? If you have an array of CentOS servers - how do
you track which vulnerabilities each one has?
Running yum update every night is no option.
Does CentOS also maintain a vulnerability database along the lines of
FreeBSD?
How about Solaris?
Ubuntu?
How do you track vulnerabilities across your datacenter?
Regards,
Rainer
[ reply ]