0 Usuarios y 1 Visitante están viendo este tema.
-[ Lynis 1.3.0 Results ]- Tests performed: 142 Warnings: ---------------------------- - [01:38:21] Warning: Couldn't find 2 responsive nameservers [test:NETW-2705] [impact:L] - [01:39:12] Warning: No running NTP daemon or available client found [test:TIME-3104] [impact:M] Suggestions: ---------------------------- - [01:36:32] Suggestion: Install a PAM module for password strength testing like pam_cracklib or pam_passwdqc [test:AUTH-9262] - [01:36:32] Suggestion: When possible set expire dates for all password protected accounts [test:AUTH-9282] - [01:36:32] Suggestion: Configure password aging limits to enforce password changing on a regular base [test:AUTH-9286] - [01:36:32] Suggestion: Default umask in /etc/profile could be more strict like 027 [test:AUTH-9328] - [01:36:32] Suggestion: Default umask in /etc/login.defs could be more strict like 027 [test:AUTH-9328] - [01:36:32] Suggestion: Default umask in /etc/init.d/rc could be more strict like 027 [test:AUTH-9328] - [01:36:56] Suggestion: To decrease the impact of a full /home file system, place /home on a separated partition [test:FILE-6310] - [01:36:56] Suggestion: To decrease the impact of a full /tmp file system, place /tmp on a separated partition [test:FILE-6310] - [01:37:08] Suggestion: Disable drivers like USB storage when not used, to prevent unauthorized storage or data theft [test:STRG-1840] - [01:37:08] Suggestion: Disable drivers like firewire storage when not used, to prevent unauthorized storage or data theft [test:STRG-1846] - [01:37:37] Suggestion: Purge removed packages (22 found) with aptitude purge command, to cleanup old configuration files, cron jobs and startup scripts. [test:PKGS-7346] - [01:37:37] Suggestion: Install package 'yum-utils' for better consistency checking of the package database [test:PKGS-7384] - [01:38:13] Suggestion: Install package apt-show-versions for patch management purposes [test:PKGS-7394] - [01:38:21] Suggestion: Check your resolv.conf file and fill in a backup nameserver if possible [test:NETW-2705] - [01:38:37] Suggestion: Configure a firewall/packet filter to filter incoming and outgoing traffic [test:FIRE-4590] - [01:39:02] Suggestion: Add legal banner to /etc/issue, to warn unauthorized users [test:BANN-7126] - [01:39:02] Suggestion: Add legal banner to /etc/issue.net, to warn unauthorized users [test:BANN-7130] - [01:39:10] Suggestion: Enable auditd to collect audit information [test:ACCT-9628] - [01:39:12] Suggestion: Check if any NTP daemon is running or a NTP client gets executed daily, to prevent big time differences and avoid problems with services like kerberos, authentication or logging differences. [test:TIME-3104] - [01:39:18] Suggestion: Install a file integrity tool [test:FINT-4350] - [01:39:23] Suggestion: One or more sysctl values differ from the scan profile and could be tweaked [test:KRNL-6000] - [01:40:40] Suggestion: Harden the system by removing unneeded compilers. This can decrease the chance of customized trojans, backdoors and rootkits to be compiled and installed [test:HRDN-7220] - [01:40:40] Suggestion: Harden compilers and restrict access to world [test:HRDN-7222] - [01:40:40] Suggestion: Harden the system by installing one or malware scanners to perform periodic file system scans [test:HRDN-7230]================================================================================ Files: - Test and debug information : /var/log/lynis.log - Report data : /var/log/lynis-report.dat================================================================================ Hardening index :  [######## ]================================================================================ Tip: Disable all tests which are not relevant or are too strict for the purpose of the particular machine. This will remove unwanted suggestions and also boost the hardening index. Each test should be properly analyzed to see if the related risks can be accepted, before disabling the test.================================================================================ Lynis 1.3.0 Copyright 2007-2012 - Michael Boelen, http://www.rootkit.nl/==============================================================================
Dumpper All V.x.x
Página generada en 0.389 segundos con 34 consultas.