You can assess critical, and often overlooked, security issues on your Linux systems, such as the following:
- Misconfigurations or unauthorized entries in the shadow password files, which could provide covert system access
- Password complexity requirements
- Users equivalent to root
- Suspicious automated tasks configured in cron, the script scheduler program
- Signature checks on system binary files
- Checks for rootkits
- Network configuration, including measures to prevent packet spoofing and other
- denial of service (DoS) attacks
- Permissions on system log files
You can do all these assessments manually — or better yet, use an automated tool to do it for you! Figure 1 shows the initiation of the Tiger security-auditing tool ( www.nongnu.org/tiger ), and Figure 2 shows a portion of the audit results. Talk about some great bang for no buck with this tool!
Figure 1: Running the Tiger security-auditing tool.
Figure 2: Partial output of the Tiger tool.
Alternatives to Tiger include Linux Security Auditing Tool (LSAT; http://usat.sourceforge.net ) as well as Bastille UNIX ( http://bastille-linux.sourceforge.net ).