Keeping your installed software secure.

You know how to use cvsup to keep your ports up to date, but how do you know what ports have security vulnerabilities?

Portaudit is a program that will do just that.

Install portaudit, from a port.
# cd /usr/ports/security/portaudit
# make install clean

If everything goes okay with the install, download the vulnerabilitie database.
# portaudit -F

Now check your installed software.
# portaudit -a

Portaudit installs a periodic script into /usr/local/etc/periodic/security/410.portaudit, so you should receive a security email every day with the portaudit report attached.

Combined with updating your ports from cvsup and using portupgrade, you should be able to keep your system protected from known security problems.