Wednesday, August 1, 2018

security - Ways to follow newly discovered vulnerabilities?



I happened to be in a situation where I am in charge for 100+ systems on top of my job as a programmer. Everything we run is Linux (Debian, Ubuntu, Centos) and gladly our sysadmin set everything with chef, so security patches can be applied quickly.




I would like to know how can I follow newly discovered vulnerabilities spending least amount of time.



As a programmer I am a fan of Gemnasium, which does this kind of job for ruby gems I use in my projects.


Answer



To be updated regarding your distribution your first stop should be the appropriate mailinglist and the advisory list from distribution



Debian



Mailinglist: https://www.debian.org/MailingLists/subscribe




Webpage: https://www.debian.org/security/



CentOS



Mailinglist: http://lists.centos.org/mailman/listinfo



Webpage: http://lists.centos.org/pipermail/centos-announce/



Ubuntu




Maillist: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce



Webpage: http://www.ubuntu.com/usn/



Further you can keep an eye on http://nvd.nist.gov/ or https://cve.mitre.org/


-

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

linux - How to SSH to ec2 instance in VPC private subnet via NAT server

I have created a VPC in aws with a public subnet and a private subnet. The private subnet does not have direct access to external network. S...