OVAL, SCAP, CVE, CPE, ...

For a personal POC I wanted to see if it is possible to generate, based on the collection of CVE entries publicly available, a report informing a system administrator about possible vulnerabilities. Nothing fancy, just based upon versions.

A simple example: tool detects Perl, acquires installed Perl version, then matches …

more ...

Listing files of (not) installed software

Everyone that has been using Gentoo for a while now knows about tools such as qlist that show you the list of files installed by an (installed) package, or qfile that allows you to find which package provided a particular file on your system.

One thing lacking is to be …

more ...



Question yourself v2

A new version of the Quizzer webscript is available. The demo has also been updated with quick tests on the first few chapters of Linux Sea.

More exercises on the following chapters will follow soon.

Updates to the script include visual accept/reject of single-choice and multiple choice answers and …

more ...

Question yourself

Do you ever write down things in the hope you never forget them, but still think it would be better if you could somehow take a test of that subject from time to time to make sure you don't forget?

I do, and I found it quite difficult to keep …

more ...



License support in Gentoo

It's a bit sad that Gentoo didn't promote this more, but Gentoo users now have support for license-based masking.

What does this mean? Well, previously, Gentoo already supported various masking reasons (like stable versus staging - the x86 versus \~x86 saga, package.mask'ing - for security reasons or critical bugs, ...). Now, a …

more ...

Executing, but only when you're home

Sometimes you want to execute a particular command, but only when you're at home. Examples would be running fetchmail (or fetchnews) through cron, but you don't want this to run when you're in the train, connected to the Internet through GPRS...

My idea here would be to create a script …

more ...