Monday, April 5, 2010

Buck-security - Security scanner for Ubuntu Servers

Buck-Security is a security scanner for Debian and Ubuntu Linux. It helps you to harden your system by running some important security checks.

For example, it finds world-writable files and directories, setuid and setgid programs, superuser accounts, and installed attack tool packages.

It also checks your umask and checks if the sticky bit is set for /tmp, among other checks.

It was designed for Debian and Ubuntu servers, but can be useful for any Linux system.

By now the following tests are implemented:
* Searching for worldwriteable files
* Searching for worldwriteable directories
* Searching for programs where the setuid is set
* Searching for programs where the setgid is set
* Checking your umask
* Checking if the sticky-bit is set for /tmp
* Searching for superusers
* Checking firewall policies
* Checking if sshd is secured
* Creating and checking checksums of system programs
* Searching for installed attack tools packages

How to run Buck-security in Ubuntu servers
First you need to download latest version from here
unzip the the zip-file.
To start the checks run the buck program (type ./buck while in the buck-security directory).
cd buck-security_0.5
sudo ./buck
For more information check buck security documentation

No comments:

Post a Comment