On Saturday 04 September 2010 10:03:21 Chris Knadle wrote: > On Friday 03 September 2010 23:38:17 Orion Vianna wrote: > > Hello, > > > > I have been searching for security tools and methods for my personal VPS. > > My VPS is mostly used for LAMP (php & python). > > > > Some of the things I did: > > - no root logins for sshd > > Also look at the "AllowUsers" setting for ssh_config
oops -- correction -- for sshd_config ... > > Is there a site which can provide security notifications over email for > > specific software. I like to keep track of a couple of packages I have > > compiled. > > Well, there are programs that can scan local software for vulnerabilities, > like 'flawfinder', 'debsecan' (for Debian boxes), 'rats', 'wapiti', etc. > I've occasionally tried one of these. 'debsecan' also works for Ubuntu, too. What this does is look up the known vulnerabilities for installed packages via the web and reports them to you via email. -- Chris -- Chris Knadle [email protected] _______________________________________________ Mid-Hudson Valley Linux Users Group http://mhvlug.org http://mhvlug.org/cgi-bin/mailman/listinfo/mhvlug Upcoming Meetings (6pm - 8pm) MHVLS Auditorium Oct 6 - Creating Browser Extensions for Firefox and Chrome Nov 3 - Bug Labs Dec 1 - Dec 2010 Meeting
