For example, it finds world-writable files and directories, setuid and setgid programs, superuser accounts, and installed attack tool packages.
It also checks your umask and checks if the sticky bit is set for /tmp, among other checks.
It was designed for Debian and Ubuntu servers, but can be useful for any Linux system.
By now the following tests are implemented:
* Searching for worldwriteable files
* Searching for worldwriteable directories
* Searching for programs where the setuid is set
* Searching for programs where the setgid is set
* Checking your umask
* Checking if the sticky-bit is set for /tmp
* Searching for superusers
* Checking firewall policies
* Checking if sshd is secured
* Creating and checking checksums of system programs
* Searching for installed attack tools packages
How to run Buck-security in Ubuntu servers
First you need to download latest version from here
unzip the the zip-file.
unzip buck-security_0.5.zipTo start the checks run the buck program (type ./buck while in the buck-security directory).
cd buck-security_0.5For more information check buck security documentation
sudo ./buck
No comments:
Post a Comment