DevHeads.net

Postings by Wynona Stacy Lockwood

Looking for suggestions on free/libre open source security scanning and pen testing products

Dear list,

I've been using and supporting OpenVas since about day one, and I like many
others am tired of it breaking every time a package has a minor update. I
don't wish to discuss that as I have decided that it's just not ready for
prime time despite all the work put into it. So my question is this:

What else is there? What do you use in your environment to conduct security
scanning and penetration testing other than OpenVas?

Strange sudoers problem.

I have an odd problem with sudoers. Recently, I've tried to make use of
/etc/sudoers.d/ rather than editing /etc/sudoers itself. This, in theory,
should ensure that future upgrades to sudo will not munge my additions by
leaving the stock /etc/sudoers intact. Research has lead me to believe that
files in /etc/sudoers.d/ need to be dot files (I.E. a "hidden" file) and
need to be mode 0440. I have done both of these things, however, the groups
I define for sudo access in my /etc/sudoers.d/.devops.sudoers file are not
processed, even after a reboot. Anyone else have this problem?