All posts by Maksim Bronsky

Retrospection: Flying Circus at CLT2017

The Chemnitzer Linux Tage is a venue which needs no big introduction I guess. Connecting the (mostly) German Linux and open source enthusiasts for almost two decades now is a big achievement and a great event to catch up and meet people in #rl (real life). As we did in the last years we try to continuously make some kind of effort in participating, be it as lecturer, sponsor or having workshops.  This year we decided to introduce Vulnix, a tool for detecting potential vulnerabilities on running systems or nix-driven projects. I wrote about it here and there.

The Lecture

 


[1] Vulnix v1.0 release
[2] Introducing vulnix – a vulnerability scanner for NixOS

Vulnix v1.0 release

Intro

Back in May I introduced you to the development of vulnix, a tool which initially was done to find out whether a system (might) be affected by a security vulnerability. It does this by matching the derivations name with the product and version specified in the cpe language of the so-called CVEs (Common Vulnerabilities and Exposures). In the meantime we introduced the tool to the community at the Berlin NixOS Meetup and got some wonderful input in which directions we might extend the features. We sprinted the next two days to improve the code quality and broaden the feature set.

Continue reading Vulnix v1.0 release

Introducing vulnix – a vulnerability scanner for NixOS

As we are in the preliminary phase of  releasing our new NixOS based platform as a stable, security related topics gain further momentum.  The question of how and when a system is affected by a security flaw is certainly not only related to our use-case, we suspect this to be of importance for some.

Continue reading Introducing vulnix – a vulnerability scanner for NixOS