linux poison RSS
linux poison Email

Basic Ubuntu System Security Checks - CheckSecurity

The  checksecurity  command  runs  a  small collection of simple system checks which are designed  to  catch  a  few  common  security  issues.
      
The  checksecurity  command scans the mounted files systems (subject to the filter defined in /etc/checksecurity.conf) and compares the list of setuid  programs  to  the list created on the previous run. Any changes are printed to standard output. Also, it generates a list  of  nfs  and afs  filesystems that are mounted insecurely (i.e. they are missing the nodev and either the noexec or nosuid flags).

checksecurity is run by cron on a daily basis, and the output stored in /var/log/setuid/setuid.changes.

Checksecurity Installation:
Under Ubuntu Linux, open the terminal and type following command to install checksecurity:
sudo apt-get install checksecurity

Running checksecurity:
running or using checksecurity is really very simple, open the terminal and type the following command to run the checksecurity:
sudo checksecurity
check the log files to see what's happening in the background - /var/log/setuid/

Checksecurity Configuration:
The  /etc/checksecurity.conf  file  defines several configuration variables:
MAILTO, CHECK_DISKFREE, CHECK_PASSWD and CHECK_SETUID LOGDIR.  Each  is described below.

The  checksecurity program works with a collection of plugins which are located in /usr/share/checksecurity and are configured individually  by their own configuration file.

CHECK_PASSWD  If  this is set to TRUE then the check-passwd script will be invoked.  This script is designed to  report  upon  system  accounts which  have  no  passwords.
      
CHECK_DISKFREE If this is set to TRUE then the check-diskfree script will be invoked and will allow an alert to be sent  if there is any mounted partition is running short on disk space.
      
CHECK_SETUID If this is set to TRUE then the check-setuid  script  will be  invoked,  this  will compare the setuid binaries upon the system tothose that existed previously and show the differences.

if you are more serious about the security of you ubuntu system, do check out Buck-Security

 


0 comments:

Post a Comment

Related Posts with Thumbnails