[Soc-coordination] Summarising

Javier Fernández-Sanguino Peña jfs at computer.org
Sun Sep 23 09:48:19 UTC 2007 

On Fri, Sep 21, 2007 at 06:57:53PM +0100, Steve McIntyre wrote:
> On Thu, Sep 13, 2007 at 11:24:06PM +0100, Steve McIntyre wrote:
> >Mentors, can you please give me summaries of how your projects went
> >this year. I'm planning on posting to d-d-a and copying the google
> >list too, so some ammunition would be useful! :-)

I mentored Pavel Vinogradov in this year's SOC. He worked on a project
named "OVAL agent for Debian", its primary goal was to provide a software
agent-server infraestructure to make it possible to monitor security issues
across many Debian systems. More information on what the project's goals
can be found at http://wiki.debian.org/SummerOfCode2007/ovalagent. OVAL,
the Open Vulnerability Assessment Language, is a framework for describing
security issues, more information on OVAL is available at
http://oval.mitre.org.

Debian has been represented at the OVAL board since 2003 but, even though
there was an OVAL an schema for Debian, no specific security tests had been
written for Debian in OVAL and OVAL tools (the reference interpreter) where
not adapted for use in Debian.

Pavel has been working hard in order to reach the ambitious project goals and
I'm happy to say he has completed most of the project goals in the SOC's
timeframe. Right now we have:

- the reference OVAL interpreter has been adapted for Debian systems and is
  now available as a Debian package.
- a tool has been developed to automatically convert Debian advisories into
  OVAL definitions, this tool will soon be run at the official web servers so
  people can download advisories in machine parseable formats and evaluate
  them with the interpreter.
- both an OVAL agent and server have been developed but are still in beta
  stage. These can be used to centrally monitor a cluster of Debian systems
  from a single central point through server to agent interaction and the
  exchange of OVAL defintions. These pieces will be packaged and distributed
  in Debian hopefully soon.

Overall, this project has developed more tools to help system administrators
maintain their Debian systems secure. There is still room for improvement and
enhancements to this infraestructure but we hope that through wider testing
and adoption a community would be assembled around them. Pavel, this year's
student, wishes to keep working on these tools and will maintain the lead
developer role in this project.

Regards

Javier
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/soc-coordination/attachments/20070923/1b41635b/attachment.pgp

More information about the Soc-coordination mailing list