Dear all,
We're trying to use Nessus to monitor our system and we're having a hard time mapping the package versions from RedHat to CentOS in order to be able to report against CVE (vulnerability reports).
After some research, we think that the mapping is as follows (using HTTPD as the example):
CentOS httd-2.2.3-43.el5.centos.3 is equivalent to RedHat httpd-2.2.3-43.el5_5.3
So, it looks like CentOS replaces "_$MINOR_RELEASE" (in this case "_5") with ".centos" . Is this a fair assumption or are there other rules we are missing? Is this documented anywhere?
Thanks
Gabriel Tabares
2011/8/1 Gabriel Tabares gabriel.tabares@roboreus.com:
Dear all,
We're trying to use Nessus to monitor our system and we're having a hard time mapping the package versions from RedHat to CentOS in order to be able to report against CVE (vulnerability reports).
How do you use nagios to cve monitoring? Is there plugin available for that?
-- Eero
On Mon, Aug 01, 2011 at 07:21:24PM +0300, Eero Volotinen wrote:
2011/8/1 Gabriel Tabares gabriel.tabares@roboreus.com:
We're trying to use Nessus to monitor our system and we're having a hard time mapping the package versions from RedHat to CentOS in order to be able to report against CVE (vulnerability reports).
How do you use nagios to cve monitoring? Is there plugin available for that?
The OP mentioned nessus, not nagios. :)
--keith
On Mon, 1 Aug 2011, Eero Volotinen wrote:
To: CentOS mailing list centos@centos.org From: Eero Volotinen eero.volotinen@iki.fi Subject: Re: [CentOS] RedHat to CentOS packages
2011/8/1 Gabriel Tabares gabriel.tabares@roboreus.com:
Dear all,
We're trying to use Nessus to monitor our system and we're having a hard time mapping the package versions from RedHat to CentOS in order to be able to report against CVE (vulnerability reports).
How do you use nagios to cve monitoring? Is there plugin available for that?
Hi Eero.
Take a look at nmap, nessus and metaploit on youtube, see if that helps you with you CVE tests? It's in two parts.
Keith
----------------------------------------------------------------- Websites: http://www.karsites.net http://www.php-debuggers.net http://www.raised-from-the-dead.org.uk
All email addresses are challenge-response protected with TMDA [http://tmda.net] -----------------------------------------------------------------
On 01/08/11 17:10, Gabriel Tabares wrote:
Dear all,
We're trying to use Nessus to monitor our system and we're having a hard time mapping the package versions from RedHat to CentOS in order to be able to report against CVE (vulnerability reports).
After some research, we think that the mapping is as follows (using HTTPD as the example):
CentOS httd-2.2.3-43.el5.centos.3 is equivalent to RedHat httpd-2.2.3-43.el5_5.3
So, it looks like CentOS replaces "_$MINOR_RELEASE" (in this case "_5") with ".centos" . Is this a fair assumption or are there other rules we are missing? Is this documented anywhere?
The CentOS developers outlined the naming in this rather lengthy thread:
http://lists.centos.org/pipermail/centos-devel/2011-May/007477.html
But as outlined in that thread it is not always easy (or indeed possible) to establish which upstream source a given CentOS modified package is built from. A more reliable method would be to check the changelog.
On Mon, 1 Aug 2011, Ned Slider wrote:
But as outlined in that thread it is not always easy (or indeed possible) to establish which upstream source a given CentOS modified package is built from. A more reliable method would be to check the changelog.
A most reliable mechanism would be to examine the building .spec file, which is included in the SRPM, and for CentOS changed packages, the project releases all SRPMS, and particularly those for changed packages
-- Russ herrold
-
Eero Volotinen -
Gabriel Tabares -
Keith Keller -
Keith Roberts -
Ned Slider -
R P Herrold