安全扫描工具 Buck-Security

On 2010年11月10日, in soft, by netoearth

Buck-Security 是专为 Debian 和 Ubuntu 开发的安全扫描工具,可帮助你对系统进行全面的安全漏洞检测,例如找出任何人可写的文件和目录、setuid 和 setgid 程序、超级管理员帐号,以及系统中安装的攻击软件等等。Buck-Security is a security scanner for Debian and Ubuntu Linux. It runs a couple of important checks and helps you to harden your Linux system. This enables you to quickly overview the security status of your Linux system.

As a system administrator you often get into situations where you have to take care of a server, that has been maintained by other people before. In this situation it is useful to get an idea of the security status of the system immediately. Buck Security was designed exactly for this. It runs a few important checks and returns the results. It was desigend to be extremly easy to install, use and configure.


ATTENTION: Buck Security should be just a small tool in your holistic security concept. Server security is a complex PROCESS which can’t be guaranteed by a simple tool.

By now the following tests are implemented:
– Searching for worldwriteable files
– Searching for worldwriteable directories
– Searching for programs where the setuid is set
– Searching for programs where the setgid is set
– Checking your umask
– Checking if the sticky-bit is set for /tmp
– Searching for superusers
– Checking firewall policies
– Checking if sshd is secured
– Creating and checking checksums of system programs
– Searching for installed attack tools packages

Installation
buck-security comes as zip-file. Just download the latest version and unzip the the zip-file using the command: unzip buck-security_0.5.zip

To start the checks run the buck program (type ./buck while in the buck-security directory).

cd buck-security_0.5
sudo ./buck

Or run buck –help to get information about the options.

You can configure Buck Security by editing the file conf/buck.conf Here you can enable and disable the different checks by deleting them from the list. By default all checks are enabled.

Similarly check >> Detecting Rootkits in Ubuntu system using Chkrootkit and Rkhunter

Comments are closed.