Results 1 to 6 of 6

Thread: Working with Debsecan and CVE's

  1. #1
    Join Date
    May 2021
    Beans
    4

    Working with Debsecan and CVE's

    I've installed Debsecan and weekly I check for new updates. I have a whitelist for issues not related to our infrastructure or in our case.

    Are there more admins out there doing these things on a weekly basis? How do you work? How do you solve all issues?

    My greatest problem at the moment is that my current setup is very labor intensive... I would prefer a more autonomous process! I need inspiration!

  2. #2
    Join Date
    Oct 2009
    Beans
    Hidden!
    Distro
    Ubuntu 18.04 Bionic Beaver

    Re: Working with Debsecan and CVE's

    Are you running the scan because you are building stuff against those packages or so you can make sure your systems are secure?

    If you are worried about keeping your system up-to-date, you can install the unattended-upgrades package and set it to automatically install security updates.
    Come to #ubuntuforums! We have cookies! | Basic Ubuntu Security Guide

    Tomorrow's an illusion and yesterday's a dream, today is a solution...

  3. #3
    Join Date
    May 2021
    Beans
    4

    Re: Working with Debsecan and CVE's

    We are working with a big organization where security is an issue. Of-course... We make pods of virtual servers and the current pod is based on an older version of Ubuntu.
    I monitor the CVE's and I need to report when there are CVE's that affects our current set up and infrastructure.
    Maybe there are other admins out there with a similar approach?
    If so, what tools do you use to keep track of the CVE's that may do harm to your infrastructure and / or extra jobb for the organization you represent?

  4. #4
    Join Date
    Oct 2009
    Beans
    Hidden!
    Distro
    Ubuntu 18.04 Bionic Beaver

    Re: Working with Debsecan and CVE's

    Quote Originally Posted by civilpolisen View Post
    We are working with a big organization where security is an issue. Of-course... We make pods of virtual servers and the current pod is based on an older version of Ubuntu.
    I monitor the CVE's and I need to report when there are CVE's that affects our current set up and infrastructure.
    Maybe there are other admins out there with a similar approach?
    If so, what tools do you use to keep track of the CVE's that may do harm to your infrastructure and / or extra jobb for the organization you represent?
    There are several scanners out there that will scan your entire environment for vulnerabilities so you can address them. The one I've used is Nessus, but there are others like OpenVAS as well.

    If you are dead set on using debscan instead of one of those applications, you might want to look into automating it via Ansible/Puppet/Chef/etc, so you don't have to manually run it on the machines.

    Also, it should be noted that everything can give you a false positive or flag something that isn't really a vulnerability in your environment - that means it isn't a "run and done" tool. You still need to know enough about your environment to determine what is and what is not a legitimate vulnerability, but they should give you a place to start.
    Come to #ubuntuforums! We have cookies! | Basic Ubuntu Security Guide

    Tomorrow's an illusion and yesterday's a dream, today is a solution...

  5. #5
    Join Date
    May 2021
    Beans
    4

    Re: Working with Debsecan and CVE's

    Thank you! I'm sort of familiar with Puppet and Chef. At least, I know what they do... The issue for me, at the moment, is that I do all work manually.

    Maybe I'll build a tool myself, where I can paste the limited log and all the CVE's in this list will be linked to the actual info page for each CVE...!
    This is a such a demanding task, copy / paste, that I was hoping someone would have made such solution!

    But maybe I was wrong! It happens!

  6. #6
    Join Date
    Apr 2011
    Location
    Mystletainn Kick!
    Beans
    12,180
    Distro
    Ubuntu

    Re: Working with Debsecan and CVE's

    I was hoping someone would have made such solution!
    Is this something you could try
    https://snapcraft.io/cvescan
    Last edited by deadflowr; May 28th, 2021 at 04:51 PM. Reason: Add statement, blah blah
    Splat Double Splat Triple Splat
    Earn Your Keep
    Don't mind me, I'm only passing through.
    Once in a blue moon, I'm actually helpful
    .

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •