Usuario: Contraseña:

Auditorias wireless,Seguridad wireless


,Routers,Hacking,Cracking,Android,Develop Tools,forensics network group


Ethical Hacking,Ethical Webcracking




Este sitio utiliza cookies propias y de terceros. Si continúa navegando consideramos que acepta el uso de cookies. OK Más Información.

Autor Tema: Realiza una auditoría completa de tu distribución Linux con Lynis  (Leído 796 veces)

0 Usuarios y 1 Visitante están viendo este tema.

Desconectado alexbart

  • Moderador Global
  • Trade Count: (0)
  • ****
  • Mensajes: 2262
  • Colaboraciones +100/-0
  • Sexo: Masculino
  • no compres adopta

Os presentamos Lynis, una herramienta de seguridad para realizar completas auditorías de nuestro sistema operativo Linux. Esta herramienta funciona con las distribuciones Linux más conocidas y usadas como Ubuntu, Arch, Debian, Fedora y OpenSUSE.

La función de este software es detectar problemas de seguridad en nuestro sistema así como errores de configuración. Nos mostrará toda la información sobre la red, los procesos del sistema, configuración del firewall, estado del kernel, si tenemos bases de datos en el sistema y un largo etcétera de datos.


Linis se distribuye bajo licencia GPL y es totalmente gratuita. Podéis descargar Lynis desde su página web oficial y ejecutarlo sin necesidad de instalación. Para las distribuciones Debian, esta herramienta se encuentra en los repositorios, basta con teclear:

?
1
sudo apt-get install lynis
Y automáticamente se instalará en nuestro sistema. Una vez instalada la herramienta, podemos ejecutar “lynis” para iniciar el programa y comenzar con el escaneo del sistema.

En la siguiente imagen podéis ver las principales características del sistema donde lo hemos probado.




pd : mas noticias en AuditoriasWireless Noticias | Facebook

Desconectado kcdtv

  • Elite Friends
  • Trade Count: (0)
  • *****
  • Mensajes: 1226
  • Colaboraciones +20/-1
  • visita www.wifi-libre.com
    • www.wifi-libre.com
Re:Realiza una auditoría completa de tu distribución Linux con Lynis
« Respuesta #1 en: 20 de Abril de 2013, 01:45:13 am »
mediante apt-get, muy facil y rapido, con cada potencial punto de peligro explicado, muy interesante...

Código: [Seleccionar]
-[ Lynis 1.3.0 Results ]-

  Tests performed: 142
  Warnings:
  ----------------------------
   - [01:38:21] Warning: Couldn't find 2 responsive nameservers [test:NETW-2705] [impact:L]
   - [01:39:12] Warning: No running NTP daemon or available client found [test:TIME-3104] [impact:M]

  Suggestions:
  ----------------------------
   - [01:36:32] Suggestion: Install a PAM module for password strength testing like pam_cracklib or pam_passwdqc [test:AUTH-9262]
   - [01:36:32] Suggestion: When possible set expire dates for all password protected accounts [test:AUTH-9282]
   - [01:36:32] Suggestion: Configure password aging limits to enforce password changing on a regular base [test:AUTH-9286]
   - [01:36:32] Suggestion: Default umask in /etc/profile could be more strict like 027 [test:AUTH-9328]
   - [01:36:32] Suggestion: Default umask in /etc/login.defs could be more strict like 027 [test:AUTH-9328]
   - [01:36:32] Suggestion: Default umask in /etc/init.d/rc could be more strict like 027 [test:AUTH-9328]
   - [01:36:56] Suggestion: To decrease the impact of a full /home file system, place /home on a separated partition [test:FILE-6310]
   - [01:36:56] Suggestion: To decrease the impact of a full /tmp file system, place /tmp on a separated partition [test:FILE-6310]
   - [01:37:08] Suggestion: Disable drivers like USB storage when not used, to prevent unauthorized storage or data theft [test:STRG-1840]
   - [01:37:08] Suggestion: Disable drivers like firewire storage when not used, to prevent unauthorized storage or data theft [test:STRG-1846]
   - [01:37:37] Suggestion: Purge removed packages (22 found) with aptitude purge command, to cleanup old configuration files, cron jobs and startup scripts. [test:PKGS-7346]
   - [01:37:37] Suggestion: Install package 'yum-utils' for better consistency checking of the package database [test:PKGS-7384]
   - [01:38:13] Suggestion: Install package apt-show-versions for patch management purposes [test:PKGS-7394]
   - [01:38:21] Suggestion: Check your resolv.conf file and fill in a backup nameserver if possible [test:NETW-2705]
   - [01:38:37] Suggestion: Configure a firewall/packet filter to filter incoming and outgoing traffic [test:FIRE-4590]
   - [01:39:02] Suggestion: Add legal banner to /etc/issue, to warn unauthorized users [test:BANN-7126]
   - [01:39:02] Suggestion: Add legal banner to /etc/issue.net, to warn unauthorized users [test:BANN-7130]
   - [01:39:10] Suggestion: Enable auditd to collect audit information [test:ACCT-9628]
   - [01:39:12] Suggestion: Check if any NTP daemon is running or a NTP client gets executed daily, to prevent big time differences and avoid problems with services like kerberos, authentication or logging differences. [test:TIME-3104]
   - [01:39:18] Suggestion: Install a file integrity tool [test:FINT-4350]
   - [01:39:23] Suggestion: One or more sysctl values differ from the scan profile and could be tweaked [test:KRNL-6000]
   - [01:40:40] Suggestion: Harden the system by removing unneeded compilers. This can decrease the chance of customized trojans, backdoors and rootkits to be compiled and installed [test:HRDN-7220]
   - [01:40:40] Suggestion: Harden compilers and restrict access to world [test:HRDN-7222]
   - [01:40:40] Suggestion: Harden the system by installing one or malware scanners to perform periodic file system scans [test:HRDN-7230]
================================================================================
  Files:
  - Test and debug information      : /var/log/lynis.log
  - Report data                     : /var/log/lynis-report.dat
================================================================================
  Hardening index : [43]     [########            ]
================================================================================
  Tip: Disable all tests which are not relevant or are too strict for the
       purpose of the particular machine. This will remove unwanted suggestions
       and also boost the hardening index. Each test should be properly analyzed
       to see if the related risks can be accepted, before disabling the test.
================================================================================
  Lynis 1.3.0
  Copyright 2007-2012 - Michael Boelen, http://www.rootkit.nl/
==============================================================================


« Última modificación: 20 de Abril de 2013, 01:46:15 am por kcdtv »


Share me

Digg  Facebook  SlashDot  Delicious  Technorati  Twitter  Google  Yahoo
Smf

 

Dumpper All V.x.x

DUMPPER WPS PENTESTING