On Tue, Sep 19, 2017 at 10:04:38PM +0200, Till Maas wrote:
On Thu, Sep 14, 2017 at 10:30:29PM -0400, Jason Callaway wrote:
> A number of exciting projects are planned for this SIG, but we already have
> a working alpha-version of our tool, the Enterprise Linux Exploit Mapper
> (ELEM) [0]. ELEM lets administrators scan their RHEL or CentOS systems for
> vulnerabilities that are associated with known exploits in the wild. We’re
> working on adding Fedora support to ELEM. It currently has only one exploit
> data source [1], but we’re adding more [2].
Are you also considering doing offensive security tests
on the Fedora infrastructure? This was my first association when I heard
the SIG's name. :-)
While that's of interest, it's also not an activity we can easily open
up to a community effort at this point. Some of the Fedora
infrastructure sits on equipment operated by Red Hat, so there are
restrictions on who'd be able to participate in offensive testing. In
discussing with Jason, I advised it was best not to set up false
expectations on that front.
--
Paul W. Frields
http://paul.frields.org/
gpg fingerprint: 3DA6 A0AC 6D58 FEC4 0233 5906 ACDB C937 BD11 3717
http://redhat.com/ - - - -
http://pfrields.fedorapeople.org/
The open source story continues to grow:
http://opensource.com