Bugtraq mailing list archives

Re: Checking for most recent Solaris Security Patches


From: jonr () SDATA NO (Jon Ross)
Date: Fri, 15 Jan 1999 09:00:12 +0100


On Wed, Jan 13, 1999 at 09:26:51PM +0100, Linux Mailing Lists wrote:
Hello,

Or use the automated email patch status robot at pogostick.net.
See http://pogostick.net/~pdiag/english.html
(or http://pogostick.net/~pdiag/ if you want it in Norwegian)
for more info.

Doesn't sound very good to send the configuration of your machine over the
internet by email. What if someone gets it and uses that information to
know the vulnerabilities of your server? Using your service he would know:

Our (my) service makes no pretence of being a service that extremely
vulnerable machines should use. But then again, the mail you send
doesn't need to identify _which_ machine the showrev output is from.
Just take the showrev/pkginfo from one machine, put it into a file,
email it from another machine (with correct subject).
So any eavesdropper would only know that somewhere (in the world) there
is a Sun/Solaris machine with this software/patchlevel.

* Which Software you have installed in your server
* Which patches you have applied (and what's more interesting, which
  patches you *haven't* applied)
* The OS version, platform, etc...
* Your server's name

Mmmmmmm... Just the information someone would need to hack your system :)

What about making public the program you use, to run it locally?

(showrev -p ; pkginfo -l)|yourniceprog

The program is just an email wrapper around Sun's patchdiag (currently v 1.0.2).
Many other nice people have submitted programs to this (bugtraq) mailing list
that let you do this locally.



Greetings,
                                                        Sergio

PS: Who knows who is really receiving your information at
pdiag () pogostick net ;)

I do!

--
Jon Ross, Ark Norge AS - Divisjon Skrivervik Data,
P.B. 3885 U.S., N-0805 OSLO, NORWAY
Phone +47 2218 5891, Cellular +47 915 35 708, Fax +47 2218 5998


