$Id: /index.php,v 1.20 2002/09/18 19:29:02 galahad Exp $
.:: Download ::
Forums ::
Feature Request ::
Support ::
Summary ::.
SecScript is intended to be an easy way for new or advanced linux administrators to check the security of their boxes.
The script actually is a little out-of-date, and need a few modifications to meet the actual standards of linux. When I started the standard was inetd, kernel 2.2.14 and other stuffs as old as that. I'm working as hard as possible to make it updated again, and also to allow the verification of the boxes with new daemons in order to see if they are vunerable to any reported security flaw. Saddly I haven't got the avaiable time to dedicate to this project.
So, if you know bash, awk, sed and python (the last one isn't a requirement), and want to help me developing the script, drop me a line. My e-mail is anonymous (at) galahad.com.br.
I've started this script for my personal use, and only when it was stable enough I decided to publish it on the Internet.
The first public release was November/15/2001 and due to a major bug, I've released a new one correcting the bug at November/27/2001.
SecScript-lnx-1.0.1 - 2001/11/27 - Stable
1.0.1
* Check for unowned files;
* Check for insecure daemons at inetd;
* Check for sniffers;
* Check for insecure services on network;
* Check for users accounts using insecure shells and/or no password;
* Check for suspect daemons running;
Here is a list of what I have in mind for this script:
-> Check xinet.d daemons (Working on it)
-> Check for daemons and services versions
-> Check for RPM databases, if RedHat
-> Give the user options for choosing which services to verify
-> Check for individual servers, as DNS, web, ftp, mail
-> Scan for known trojans
-> Port the whole script to python
If you find something interesting to be in this script, drop me a line or place your request at Feature Request form.
|
e-mail: anonymous (at) galahad dot com dot br $Id: /index.php,v 1.20 2002/09/18 19:29:02 galahad Exp $ |
|