debcvescan
Debian CVE Scanner is self-contained CVE scanner for DEBIAN distributions written in golang. (by devmatic-it)
GOdin
GOdin is an open source monitoring server and agent for linux systems. Its main feature is currently monitoring the state of installed packages. It is intended to use with visualising software (ex. Grafana). (by Ataraxxia)
| debcvescan | GOdin | |
|---|---|---|
| 1 | 5 | |
| 27 | 2 | |
| - | - | |
| 0.0 | 1.0 | |
| almost 2 years ago | about 2 years ago | |
| Go | Go | |
| Apache License 2.0 | GNU General Public License v3.0 only |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
debcvescan
Posts with mentions or reviews of debcvescan.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2022-01-13.
-
Debian/Ubuntu changelog??
So I wrote a thorough checkmk local check script to report on patch state, and we were able to then pull reports straight out of our monitoring system. You can see a lobotomised version of said script here. When it came time for me to apply the same work to Debian/Ubuntu, I found that ecosystem to be somewhat brutally lacking compared to the RHEL world. You can see in that script that I mention debsecan, and for Ubuntu you'd need to pair it with ust2dsa. What I don't clearly mention in that script, though I hinted at it, is that I was exploring a way to parse Ubuntu's security JSON feeds... and it looks like Canonical started doing that themselves with their in-house cvescan tool. There's also the debcvescan tool for the Debian world.
GOdin
Posts with mentions or reviews of GOdin.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2021-09-02.
- Godin – manage package upgrades on multiple servers
- Godin - management of package upgrades on multiple servers
-
Monitoring Linux package upgrades
I also wrote my own solution to the problem: https://github.com/Ataraxxia/godin inspired by patchman, using Grafana for data presentation and PostgreDB for storing JSON-structured client reports. Currently works for apt and yum.
-
Monthly 'Shameless Self Promotion' thread - 2021/09
https://github.com/Ataraxxia/godin https://grafana.com/grafana/dashboards/14939 <- sample Grafana dashboard
What are some alternatives?
When comparing debcvescan and GOdin you can also consider the following projects:
sec-cvescan - Analyzes an Ubuntu system and checks for unpatched vulnerabilities.
patchman - Patchman is a Linux Patch Status Monitoring System
netscan - A fast TCP port scanner
userd - Userd gathers user account information from the specified git repository, then administrates the Linux accounts and their ssh access across particular servers.
ust2dsa - Improves Ubuntu security feed compatibility allowing it to be consumed by Debian vulnerability report tool, debsecan.
zig-deb - Package zig into an apt package for installing on debian / ubuntu