Re: Patch management tool

From: Miles Stevenson (miles@mstevenson.org)
Date: Fri Sep 03 2004 - 12:13:56 EDT


Milind,

 I don't see what your question has to do with pen-testing. Please try and
keep your questions relevant to the discussion topic of the list. This post
would be more appropriate for the security-basics list.

 I'm not aware of a tool that can push package updates to all the different
linux distributions out there. You have to remember, some of these distro's
are RPM based such as SuSe and RedHat/Fedora, while some are source based,
such as Gentoo and Slackware. It is a good idea to treat each individual
linux distro as a seprate operating system. Just as you would differentiate
FreeBSD from RedHat, you should differentiate RedHat from SuSe. Each of these
systems have their own way of managing updates. You will be much better off
sticking to just a few different operating systems in your environment and
managing updates to them using tools that were meant for that OS.

 Keeping your systems patched and up-to-date takes constant vigilance. There
is no magic tool that is going to solve all your problems here. Sorry.

On Friday 03 September 2004 05:45 am, Milind Nanal wrote:
> List,
>
> Looking for best free tool /open source solution for Linux operating system
> patches management. There are commercial tools available like Novell
> zenworks, Shavlik Technologies. But I am looking for non commercial option.
>
> Some thing like patch distribution server which possibly push the recent OS
> patches to other linux systems. Linux distribution should covering RedHat,
> Suse other linux flavors.
>
> Quick response is highly appreciated.
>
> Regards,
>
> Milind
>
> ---------------------------------------------------------------------------
>--- Ethical Hacking at the InfoSec Institute. All of our class sizes are
> guaranteed to be 12 students or less to facilitate one-on-one interaction
> with one of our expert instructors. Check out our Advanced Hacking course,
> learn to write exploits and attack security infrastructure. Attend a course
> taught by an expert instructor with years of in-the-field pen testing
> experience in our state of the art hacking lab. Master the skills of an
> Ethical Hacker to better assess the security of your organization.
>
> http://www.infosecinstitute.com/courses/ethical_hacking_training.html
> ---------------------------------------------------------------------------
>----

-- 
Miles Stevenson
miles@mstevenson.org
PGP FP: 035F 7D40 44A9 28FA 7453 BDF4 329F 889D 767D 2F63




This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:03 EDT