{"id":44,"date":"2004-09-16T11:06:35","date_gmt":"2004-09-16T16:06:35","guid":{"rendered":"https:\/\/vitaluna.net\/wordpress\/?p=44"},"modified":"2004-09-16T11:06:35","modified_gmt":"2004-09-16T16:06:35","slug":"i-hate-security-audits","status":"publish","type":"post","link":"https:\/\/vitaluna.net\/?p=44","title":{"rendered":"I hate security audits"},"content":{"rendered":"<p>So, I&#8217;m dealing with a security audit of our web server right now, since we have a new customer who jumped over that needs it for regulatory reasons. While there&#8217;s nothing dreadfully serious about the results, I&#8217;m mad as hell at the fact that Red Hat Enterprise Server&#8217;s wonderful, magical up2date utility has apparently *not* been functioning correctly. It won&#8217;t even run from the CLI. Grrr.<br \/>\nTherein lies my biggest frigging frustration with (a) Linux, and (b) computers in general. If I had the level of reliability that these machines tend to have, I&#8217;d be fired. I know I&#8217;m committing some anthropomorphism here, but, come on. I&#8217;m in a &#8220;time to live on an island&#8221; mode at the moment. <b>UPDATE:<\/b> Apparently, it was running correctly. The security audit performed by <a href=\"http:\/\/www.qualys.com\">Qualys<\/a> isn&#8217;t quite as comprehensive as it appears. Many of the vulnerabilities found by the scan are determined by testing version numbers, which Qualys finds simply by making a connection to the socket a program is listening on.  This is not the same as testing for a vulnerability (and thank the lord they don&#8217;t do that &#8212; I&#8217;d be really pissed if they started poking into vulnerabilities, for testing purposes or not).  Since Red Hat back-ports patches, rather than upgrading versions, this means that what looks bad to Qualys is actually just a version of the software that is stable, but patched.<br \/>\nThis is what happens when automatic tools are used to perform security checks. 
Silly testing.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>So, I&#8217;m dealing with a security audit of our web server right now, since we have a new customer who jumped over that needs it for regulatory reasons. While there&#8217;s nothing dreadfully serious about the results, I&#8217;m mad as hell at the fact that Red Hat Enterprise Server&#8217;s wonderful, magical up2date utility has apparently *not*&hellip; <a class=\"more-link\" href=\"https:\/\/vitaluna.net\/?p=44\">Continue reading <span class=\"screen-reader-text\">I hate security audits<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[],"class_list":["post-44","post","type-post","status-publish","format-standard","hentry","category-tech-bytes","entry"],"_links":{"self":[{"href":"https:\/\/vitaluna.net\/index.php?rest_route=\/wp\/v2\/posts\/44","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/vitaluna.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/vitaluna.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/vitaluna.net\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/vitaluna.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=44"}],"version-history":[{"count":0,"href":"https:\/\/vitaluna.net\/index.php?rest_route=\/wp\/v2\/posts\/44\/revisions"}],"wp:attachment":[{"href":"https:\/\/vitaluna.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=44"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/vitaluna.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=44"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/vitaluna.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=44"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}