On Saturday 02 May 2009 14:50:14 Jeroen Hofstee wrote: > I tried to find a program which could scan the local filesystem and > extract a lists of well known > web projects (yoomla, wordpress etc), extract the installed version > number and match it against > a database of known vulnerabilities. Similiar to portaudit, but then for > the standard scripts users > install themselves. I was unable to find such a program in the ports. > > Does such an utilities exists for FreeBSD ?
Not that I'm aware of and it's hell to write and keep current. There's 2 good policies for this kind of thing: - Don't allow any plugins of any kind to be installed via CMS/Gallery software etc. and deal with the complaints - Put them in a seperate jail and make sure client understands he's responsible for getting hacked and loosing hours of work by installing unsafe plugins. -- Mel _______________________________________________ firstname.lastname@example.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"