[Linux-Biella] Re:UNIX Security Checklist

andrea_ferraris@libero.it linux@ml.bilug.linux.it
Sun, 12 Oct 2003 13:51:47 +0200


> Does anyone know whether there is (I am sure there is) and where one
> can download a script that runs the checks to verify
> that a UNIX system conforms to the recommendations
> that can be found here:
> 
> http://www.auscert.org.au/render.html?it=1935
> 
> Andrea

Although they were not specifically designed around the checklist I gave
the reference to, I found these on freshmeat in a search for security
checklist:

Adeos (named after the Roman goddess of modesty) is an automated
----- 
filesystem security scanner.  It recursively walks all mounted
filesystems on the local system and attempts to identify common
security concerns such as SUID and world-writeable files.

[...]

For more information about Adeos, including sample results, see the
webpages at http://linux.wku.edu/~lamonml/software/


javert 0.8
----------

[...]
Though the system has some limitations, it was designed mostly as
proof of concept to show that it is possible to build a scalable,
secure architecture for the performance of these two valuable
host-based security tasks. This enhances the usefulness of these
tasks, especially in medium-to-large environments, allowing
administrators to relieve themselves from the burden of performing
these security checks, while securely obtaining the often valuable
results that the checks themselves produce in a timely manner.


lsat:
-----
from the README:
NOTE: This is still BETA software and should be treated as such.
----------------------------------------------------------------
Homepage:

The homepage for lsat is http://usat.sourceforge.net
The backup homepage is http://www.dimlight.org/lsat
The homepage for lsat used to be http://www.dimlight.org/~number9/lsat

----------------------------------------------------------------
About:

Linux Security Auditing Tool (LSAT) is a post install security
auditing tool. It is modular in design, so new features can be added
quickly. It checks inetd entries and scans for unneeded RPM packages.
It is being expanded to work with Linux distributions other than Red
Hat, and checks for kernel versions.

[...]


Soundcheck by Adouva (not GPL and without sources). From the README:
----------
[...]
SoundCheck runs checks on the system:
* Dependencies check: dependency issues check on all installed
  components
* Security and bug fix checks: whether there are components
  that could be upgraded with patches for security or bug fixes
[...]


tiger (I think its target is systems that are by now fairly old:
-----   it is rather old)

[...]
'tiger' is a set of scripts that scan a Un*x system looking for
security problems, in the same fashion as Dan Farmer's COPS.  'tiger'
was originally developed to provide a check of UNIX systems on the A&M
campus that want to be accessed from off campus (clearance through the
packet filter).  As such, we needed something that *anyone* could run
if they could figure out how to get it down to their machine.
[...]

There is probably more and better out there, but in a first, quick
search I found these.

As for continuous security monitoring, especially regarding file
integrity and checking for weak passwords, the most recommended and
widely used tools are Tripwire and AIDE (file integrity) and
JohnTheRipper (password cracking).

If anyone has more information, they are invited to post it.

Andrea
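
An added example, not part of the original message and not code from Adeos or any other tool listed above: a small audit of the kind the Adeos description mentions, walking a directory tree and reporting SUID/SGID and world-writable entries. The function names (classify, scan, demo) and the sample file names are assumptions made for illustration; the sample tree is constructed in a temporary directory.

```python
import os
import stat
import tempfile

def classify(mode):
    """Return the permission concerns for one st_mode value."""
    findings = []
    if stat.S_ISREG(mode):
        if mode & stat.S_ISUID:
            findings.append("suid")
        # SGID without group-execute is not a set-group-ID executable
        if mode & stat.S_ISGID and mode & stat.S_IXGRP:
            findings.append("sgid")
        if mode & stat.S_IWOTH:
            findings.append("world-writable")
    elif stat.S_ISDIR(mode) and mode & stat.S_IWOTH:
        if not mode & stat.S_ISVTX:  # sticky dirs such as /tmp are accepted
            findings.append("world-writable-dir-no-sticky")
    return findings  # symlinks, devices, sockets: not reported here

def scan(root):
    """Walk root without following symlinks; return sorted (path, concern)."""
    results = []
    for dirpath, dirnames, filenames in os.walk(root, followlinks=False):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            try:
                mode = os.lstat(path).st_mode
            except OSError:
                continue  # entry vanished or is unreadable
            results.extend((path, concern) for concern in classify(mode))
    return sorted(results)

def demo():
    """Build a constructed sample tree in a temp directory and scan it."""
    files = {"helper": 0o4755, "notes.txt": 0o666, "plain": 0o644}
    dirs = {"drop": 0o777, "spool": 0o1777}
    with tempfile.TemporaryDirectory() as root:
        for name, mode in files.items():
            path = os.path.join(root, name)
            open(path, "w").close()
            os.chmod(path, mode)
        for name, mode in dirs.items():
            path = os.path.join(root, name)
            os.mkdir(path)
            os.chmod(path, mode)
        return [(os.path.relpath(p, root), c) for p, c in scan(root)]

if __name__ == "__main__":
    print("\n".join(f"{c:30} {p}" for p, c in demo()))
```

To audit a real system, call scan() on a mount point as a user able to read every directory, and compare the output against a list of expected SUID/SGID binaries.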