We are currently wokring on the Pakiti version 3. The server side is completely written from the scratch, because current version of the Pakiti reaches its limits. The client side has been untouched. Pakiti v3 is designed for the environments with the 10.000+ hosts and shloud provides capabilities to be easily integrated into the existing monitoring infrastructures. New version is designed as strictly modular.
- Optimized DB schema and increased performance
- Simplified configuration
- Exception support, CVE or package can be tagged as an exception, so it won't be shown as an vulnerability (applied for localy patched packages)
- Unified import system for the OVALs and package repositories
- Hosts grouping and tagging
- Additional access channels: RPC and CLI
- Additional output formats: CSV, XML
Pakiti v3 schema
- Core - Represents database and set of functions which operate the hosts, packages, vulnerabilities, ... entries.
- Feeder - Module which receives reports from the hosts. It checks whether the host report containing any changes from the previous report, only real changes are stored in the database. Feeder can work in two modes. In synchronous mode the reports are processed immediatelly and the host can optionally receive the results. In asynchronous mode the Feeder will store the report in the file on the server and the processing is made afterwards, when the Pakiti server has time to process it.
- VDS - Vulnerability Definitions Source Module. This module synchronizes internal vulnerability database with external sources like vendors packages repositories or OVAL definitions.
- Configuration - Module which provides all configuraion options of the Pakiti. These configuration options can be managed by Synchronizer, which synchronizes data with the external systems. For example access control lists, list of sites, contact informations.
- Analysis - Module which gatheres statistical data and provides reports.
- CLI/RPC/Web GUI - Three access channels used for the communication with the Pakiti server.
The source code is available at SVN Respository. Be aware that current code is under development, so it is not intended to work at this stage. We will inform about the release on this pages.
If you have any questions, contact Michal Prochazka michalp(at)ics.muni.cz