The checksecurity command runs a small collection of simple system checks which are designed to catch a few common security issues.
The checksecurity command scans the mounted files systems (subject to the filter defined in /etc/checksecurity.conf) and compares the list of setuid programs to the list created on the previous run. Any changes are printed to standard output. Also, it generates a list of nfs and afs filesystems that are mounted insecurely (i.e. they are missing the nodev and either the noexec or nosuid flags).
checksecurity is run by cron on a daily basis, and the output stored in /var/log/setuid/setuid.changes.
Checksecurity Installation:
Under Ubuntu Linux, open the terminal and type following command to install checksecurity:
Running checksecurity:
running or using checksecurity is really very simple, open the terminal and type the following command to run the checksecurity:
Checksecurity Configuration:
The /etc/checksecurity.conf file defines several configuration variables:
MAILTO, CHECK_DISKFREE, CHECK_PASSWD and CHECK_SETUID LOGDIR. Each is described below.
The checksecurity program works with a collection of plugins which are located in /usr/share/checksecurity and are configured individually by their own configuration file.
CHECK_PASSWD If this is set to TRUE then the check-passwd script will be invoked. This script is designed to report upon system accounts which have no passwords.
CHECK_DISKFREE If this is set to TRUE then the check-diskfree script will be invoked and will allow an alert to be sent if there is any mounted partition is running short on disk space.
CHECK_SETUID If this is set to TRUE then the check-setuid script will be invoked, this will compare the setuid binaries upon the system tothose that existed previously and show the differences.
if you are more serious about the security of you ubuntu system, do check out Buck-Security
The checksecurity command scans the mounted files systems (subject to the filter defined in /etc/checksecurity.conf) and compares the list of setuid programs to the list created on the previous run. Any changes are printed to standard output. Also, it generates a list of nfs and afs filesystems that are mounted insecurely (i.e. they are missing the nodev and either the noexec or nosuid flags).
checksecurity is run by cron on a daily basis, and the output stored in /var/log/setuid/setuid.changes.
Checksecurity Installation:
Under Ubuntu Linux, open the terminal and type following command to install checksecurity:
sudo apt-get install checksecurity
Running checksecurity:
running or using checksecurity is really very simple, open the terminal and type the following command to run the checksecurity:
sudo checksecuritycheck the log files to see what's happening in the background - /var/log/setuid/
Checksecurity Configuration:
The /etc/checksecurity.conf file defines several configuration variables:
MAILTO, CHECK_DISKFREE, CHECK_PASSWD and CHECK_SETUID LOGDIR. Each is described below.
The checksecurity program works with a collection of plugins which are located in /usr/share/checksecurity and are configured individually by their own configuration file.
CHECK_PASSWD If this is set to TRUE then the check-passwd script will be invoked. This script is designed to report upon system accounts which have no passwords.
CHECK_DISKFREE If this is set to TRUE then the check-diskfree script will be invoked and will allow an alert to be sent if there is any mounted partition is running short on disk space.
CHECK_SETUID If this is set to TRUE then the check-setuid script will be invoked, this will compare the setuid binaries upon the system tothose that existed previously and show the differences.
if you are more serious about the security of you ubuntu system, do check out Buck-Security
0 comments:
Post a Comment