Re: is there a software utility that can audit the security for debian?
On Wed, 20 Apr 2005, Lei Sun wrote:
> Is there any software utility that I can install on debian, which in fact
> can audit the security for debian itself?
>
> For example, like portaudit for freebsd.
that's just a port scanner ??? ( i say that's sorta meaningless ...
meaningless in that if it says port25 is open on your mail server,
what do you do about it ??
you want to upgrade to the lastest version or if there's
any known exploits for it
same for port scanners finding port80 open on your web server ...
what do you do about it ??
you want to upgrade to the lastest version or if there's
any known exploits for it
- ditto for each open port ... and each application
- you want to know if there's an existing exploit the script
kiddie can use against you ??
- all ports should be closed by default .. nothing running on it
- port scanners
( pick your fav port scanners: nessus, nmap, .. )
http://www.Linux-Sec.net/Scanner/
- host audits
( pick your fav host auditors .. tripwire, aide...
http://www.Linux-Sec.net/Audit/
- host monitoring
http://www.Linux-Sec.net/IDS/
- host hardening
http://www.Linux-Sec.net/Harden/
bastille, ..
- testing your servers .. ( dns, web, mta, ... etc.etc.. )
http://www.Linux-Sec.net/DNS/#Testing
http://www.Linux-Sec.net/Web/#Testing
http://www.Linux-Sec.net/Mail/Testing
...
is there "one software utility" that "security audit for debian" .. yes ..
do you need more than one ... bigger yes ..
c ya
alvin
Reply to: