Re: is there a software utility that can audit the security for debian?

[Alvin Oga <aoga@mail.Linux-Consulting.com>]

On Wed, 20 Apr 2005, Lei Sun wrote:

> Is there any software utility that I can install on debian, which in fact 
> can audit the security for debian itself?
> 
> For example, like portaudit for freebsd.

that's just a port scanner ??? ( i say that's sorta meaningless ...

meaningless in that if it says port25 is open on your mail server,
what do you do about it ??  
	you want to upgrade to the lastest version or if there's
	any known exploits for it

same for port scanners finding port80 open on your web server ... 
what do you do about it ??
	you want to upgrade to the lastest version or if there's
	any known exploits for it

- ditto for each open port ... and each application 
	- you want to know if there's an existing exploit the script
	kiddie can use against you ??

- all ports should be closed by default .. nothing running on it

- port scanners 
	( pick your fav port scanners: nessus, nmap, .. )
	http://www.Linux-Sec.net/Scanner/

- host audits
	( pick your fav host auditors .. tripwire, aide...
	http://www.Linux-Sec.net/Audit/

- host monitoring 
	http://www.Linux-Sec.net/IDS/

- host hardening
	http://www.Linux-Sec.net/Harden/
	bastille, ..

- testing your servers .. ( dns, web, mta, ... etc.etc.. )
	http://www.Linux-Sec.net/DNS/#Testing
	http://www.Linux-Sec.net/Web/#Testing
	http://www.Linux-Sec.net/Mail/Testing
	...

is there "one software utility" that "security audit for debian" .. yes ..
do you need more than one ... bigger yes ..
			
c ya
alvin