Re: Local security scanner

From: Axel Beckert - ecos gmbh (beckert@ecos.de)
Date: 03/17/03

  • Next message: Axel Beckert - ecos gmbh: "Re: Port 113 security" 
    Date: Mon, 17 Mar 2003 19:11:03 +0100
From: Axel Beckert - ecos gmbh <beckert@ecos.de>
To: bugtraq@virtual.dyc.edu

    Hi!

    Am Fri, Mar 14, 2003 at 08:01:47AM -0500, bugtraq@virtual.dyc.edu schrieb:
    > I would like to know what the community is using for local security
    > scanners on linux boxes. There are many excellent remote security
    > scanners available, like nessus, and some hardening scripts like Bastille,
    > but few local security scanners aimed at finding security holes
    > accessible to users with local non-privileged accounts.

    In Debian GNU/Linux, there exists (maybe there are others in Debian,
    too) the tiger package:

    tiger - Report system security vulnerabilities

       TIGER, or the 'tiger' scripts, is a set of Bourne shell scripts, C
       programs and data files which are used to perform a security audit
       of UNIX systems. TIGER has one primary goal: report ways 'root'
       can be compromised.

       Debian's TIGER incorporates new checks primarily oriented towards
       Debian distribution including: md5sums checks of installed files,
       location of files not belonging to packages and check of security
       advisories.

    See http://savannah.nongnu.org/projects/tiger and
    http://www.net.tamu.edu/network/tools/tiger.html for details or say
    'apt-get install tiger', if you're running Debian. :-)

    HTH.

                Kind regards, Axel Beckert 

    -- 
--------------------------------------------------------------
Axel Beckert       ecos electronic communication services gmbh
IT-Securitylösungen * dynamische Webapplikationen * Consulting
Post:       Tulpenstrasse 5          D-55276 Dienheim b. Mainz
E-Mail:     beckert@ecos.de          Voice:   +49 6133 939-220
WWW:        http://www.ecos.de/      Fax:     +49 6133 939-333
--------------------------------------------------------------
|                                                            |
|   Besuchen Sie uns auf der CeBIT vom 12. - 19. März 2003   |
|   Messe Hannover * Halle 17 * Stand F 36                   |
|   http://www.cebit.de/                                     |
|                                                            |
--------------------------------------------------------------
  • Next message: Axel Beckert - ecos gmbh: "Re: Port 113 security"

    Relevant Pages

    • Tiger 3.2.1
      ... A new stable release for the Tiger security tool has been ... enhancements and new checks such as: check_ndd (for HPUX and SunOS ...
      (comp.security.unix)
    • Re: The Myth of the secure Mac
      ... >> yes, it's in Tiger, perhaps you didn't read the Security Brief as you ... the real reason is they can't break a mac. ... Plug your Mac into Linux box acting as DHCP server ...
      (comp.sys.mac.advocacy)
    • Re: The Myth of the secure Mac
      ... yes, it's in Tiger, perhaps you didn't read the Security Brief as you said yesterday. ... The new-applications warning alerts you before the system opens an application for the first time. ... I think the shear scope of my security experience with these 1000++ macs pales to a simple linux distro. ... There is no "spyware" in the Mac version, never has been, only some .gif banner advertisements that load periodically into a window below your download tray. ...
      (comp.sys.mac.advocacy)
    • Re: Login Problem How Get to Gui?
      ... > BSD/Darwin command line interface. ... > Security Update 2005-007 delivers a number of security enhancements ... > for Tiger systems Mac OS X v10.4.2. ... > v1.0 on Tiger systems should install v1.1. ...
      (comp.sys.mac.system)
    • Re: cant restore
      ... There aren't any 'good' on-line scanners out there! ... You have to use IE on very low security setting - ActiveX is required. ... Kaspersky® Virus Removal Tool ... do not post HJT logs to this newsgroup. ...
      (microsoft.public.windowsxp.general)