Local portaudit server.

lars at gmx.at lars at gmx.at
Sat Mar 11 08:50:56 UTC 2006

David Robillard wrote:
> Hello,
> We use the port security/portaudit on all of our FreeBSD servers.
> Currently, every machine has to out on the internet to download the
> portaudit vulnerability database from the FreeBSD server.
> Since all of the machines are downloading the exact same file, we
> would like to setup a local portaudit server. This server would fetch
> the vulnerabilty file and all the rest of our servers would fetch it
> from the local portaudit server.
> Has anyone done this setup? Any help/pointers would be great.

I haven't done it but I don't think it should be a problem:

If you look at the portaudit script

you'll find that the auditfile is located here:

You can get it manually, try.

So by changing some variables in

         : ${portaudit_dir="/var/db/portaudit"}
         : ${portaudit_filename="auditfile.tbz"}

         : ${portaudit_fetch_env=""}
         : ${portaudit_fetch_cmd="fetch -1mp"}

         : ${portaudit_sites="http://www.FreeBSD.org/ports/"}

         : ${portaudit_fixed=""}

         if [ -r /usr/local/etc/portaudit.conf ]; then
                 . /usr/local/etc/portaudit.conf

on each machine you should be able to guide them to your local machine.


More information about the freebsd-questions mailing list