As a system administrator you often find yourself taking over a server that has been maintained by other people. In this situation it is useful to get an immediate idea of the security status of the system. Buck Security was designed exactly for this. It runs a few important checks and returns the results. It was designed to be extremely easy to install, use and configure.
ATTENTION: Buck Security should be just a small tool in your holistic security concept. Server security is a complex PROCESS which can't be guaranteed by a simple tool.
So far the following checks are implemented:
- Searching for world-writable files
- Searching for world-writable directories
- Searching for programs where the setuid bit is set
- Searching for programs where the setgid bit is set
- Checking your umask
- Checking if the sticky-bit is set for /tmp
- Searching for superusers
- Checking firewall policies
- Checking if sshd is secured
- Creating and checking checksums of system programs
- Searching for installed attack tool packages
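The permission-related checks in this list come down to reading file mode bits. The following is an added illustration of that idea, not Buck Security's own code; the function names audit_tree and umask_is_restrictive and the result keys are assumptions made for this example.

```python
import os
import stat

def audit_tree(root):
    """Return {check: sorted paths} for permission findings under root (root included)."""
    findings = {"world_writable_files": [], "world_writable_dirs": [],
                "dirs_missing_sticky": [], "setuid": [], "setgid": []}

    def inspect(path):
        try:
            mode = os.lstat(path).st_mode  # lstat: never follow symlinks
        except OSError:
            return  # entry vanished or is unreadable
        if stat.S_ISDIR(mode):
            if mode & stat.S_IWOTH:
                findings["world_writable_dirs"].append(path)
                # Without the sticky bit, any user can delete or rename
                # other users' files in a world-writable directory.
                if not mode & stat.S_ISVTX:
                    findings["dirs_missing_sticky"].append(path)
        elif stat.S_ISREG(mode):
            if mode & stat.S_IWOTH:
                findings["world_writable_files"].append(path)
            if mode & stat.S_ISUID:
                findings["setuid"].append(path)
            # setgid on a directory only controls group inheritance,
            # so it is reported for regular files only.
            if mode & stat.S_ISGID:
                findings["setgid"].append(path)

    inspect(root)
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            inspect(os.path.join(dirpath, name))
    return {check: sorted(paths) for check, paths in findings.items()}

def umask_is_restrictive(required=0o022):
    """Return (ok, umask); ok means group and other write bits are masked off."""
    current = os.umask(0)  # the umask can only be read by setting it
    os.umask(current)      # restore it immediately
    return (current & required) == required, current

if __name__ == "__main__":
    for check, paths in audit_tree("/tmp").items():
        print(check, paths)
    print("umask ok, value:", umask_is_restrictive())
```

Setuid and setgid findings are not problems by themselves; the point of listing them is to compare against what the distribution is expected to ship.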
buck-security comes as a zip file. Download the latest version and unzip it with the command:
unzip buck-security_0.5.zip
To start the checks, run the buck program from inside the buck-security directory:
cd buck-security_0.5
./buck
Or run buck --help to get information about the options.
You can configure Buck Security by editing the file conf/buck.conf. There you can enable and disable individual checks; to disable a check, delete it from the list. By default all checks are enabled.