hntool Hardening Linux


SlowJet
30th April 2010, 07:50 PM
Output of hntool on a desktop

# ls
hntool-0.1.1-1.fc14.noarch.rpm
[root@Ruthie-07 f14]# rpm -ivh hntool-0.1.1-1.fc14.noarch.rpm --test
Preparing... ########################################### [100%]
[root@Ruthie-07 f14]# rpm -ivh hntool-0.1.1-1.fc14.noarch.rpm
Preparing... ########################################### [100%]
1:hntool ########################################### [100%]
[root@Ruthie-07 f14]# exit
logout
[darwinhwebb@Ruthie-07 f14]$ cd ..
<snip>
[darwinhwebb@Ruthie-07 ~]$ hntool --help
Usage: hntool [options]

Options:
--version show program's version number and exit
-h, --help show this help message and exit
-l, --list returns a list of available rules
-t OUTPUT_FORMAT, --output_type=OUTPUT_FORMAT
select the output format
--list_output_type list the avaliable output formats

Output Options:
-n, --term_nocolors
does not use colors on terminal output

Rule Options:
--apache_conf=APACHE_CONF
adds a apache configuration file to the list of files
to analize
[darwinhwebb@Ruthie-07 ~]$ man hntool
[darwinhwebb@Ruthie-07 ~]$ hntool --list
------------------------------- HnTool rule list -------------------------------

remote access : Checks for services with remote access allowed
system-wide : Checks security problems on system-wide configuration
filesystems : Checks filesystems for security problems
authentication : Checks users, groups and authentications
ssh : Checks security problems on sshd config file
apache : Checks security problems on Apache config file
postgresql : Check security problems on PostgreSQL configuration files
php : Checks security problems on php config file
port checks : Checks for open ports
[darwinhwebb@Ruthie-07 ~]$ hntool
Error: You must be root to run HnTool

<snip>

[darwinhwebb@Ruthie-07 ~]$ su -
Password:
[root@Ruthie-07 ~]# hntool
[ Starting HnTool checks... ]

Checks for services with remote access allowed
Default policy not found [ LOW ]

Checks security problems on system-wide configuration
Permissions on /boot/grub/menu.lst are correct [ OK ]
GRUB does not ask for a password [ LOW ]
Core dumps are enabled [ LOW ]
ExecShield is disabled [ LOW ]
TCP SYN Cookie Protection is disabled [ LOW ]
Ignore broadcast request is disabled [ LOW ]
Ping reply is enabled [ LOW ]
Single-User mode does not requires authentication [ MEDIUM ]

Checks filesystems for security problems
mlocate.db found. [ OK ]
Did not found old file(s) (+30 days) in /tmp [ OK ]
Found old file(s) (+30 days) in /var/db/locate.database [ LOW ]
Please run /usr/libexec/locate.updatedb [ INFO ]

Checks users, groups and authentications
Permissions on shadow file are correct (400) [ OK ]
Permissions on passwd file are correct (644) [ OK ]
There aren't users (not root) with UID 0 [ OK ]
Delay between failed login prompts is more than 3s or not defined [ OK ]
User "sync" may have a harmful shell (/bin/sync) [ MEDIUM ]
User "shutdown" may have a harmful shell (/sbin/shutdown) [ MEDIUM ]
User "halt" may have a harmful shell (/sbin/halt) [ MEDIUM ]
User "darwinhwebb" may have a harmful shell (/bin/bash) [ MEDIUM ]
Permissions on /home/lost+found are greater than 700 [ MEDIUM ]
Permissions on /home/root are greater than 700 [ MEDIUM ]
Permissions on /home/darwinhwebb are greater than 700 [ MEDIUM ]
By default passwords do not expires on 90 days or less [ MEDIUM ]

Checks security problems on sshd config file
Root access is not allowed [ OK ]
Empty passwords are not allowed [ OK ]
TCP forwarding is not allowed [ OK ]
SSH is using the default port [ LOW ]
SSH is not using protocol v2 [ LOW ]
X11 forward is allowed [ LOW ]

Checks security problems on Apache config file
ServerTokens is not using harmful conf [ OK ]
LimitRequestBody is not using harmful value (0) [ OK ]
LimitRequestFields is not using harmful value (0) [ OK ]
LimitRequestFieldsize is using good value (8190) [ OK ]
LimitRequestLine is using good value (8190) [ OK ]
Timeout is not using harmful value (>=300) [ OK ]
KeepAlive is using harmful conf (set On) [ MEDIUM ]
ServerSignature is using harmful conf (set Off) [ MEDIUM ]
Could not find a .htpasswd file. Please, run updatedb [ INFO ]

Check security problems on PostgreSQL configuration files
PostgreSQL configurations files are not found [ INFO ]

Checks security problems on php config file
Php config file (/etc/php.ini) could not be found [ INFO ]

Checks for open ports
Service "rpc" using ports "46532" and "46828" found [ INFO ]
Service "rpcbind" using port "111" found [ INFO ]
Service "cupsd" using port "631" found [ INFO ]
Service "sshd" using port "22" found [ INFO ]
Service "sendmail" using port "25" found [ INFO ]
[root@Ruthie-07 ~]#

SJ

scott32746
30th April 2010, 09:34 PM
Hello,

You may like sectool
yum info sectool

SlowJet
1st May 2010, 08:15 PM

Hello,

You may like sectool
yum info sectool

Hmm, all this time I thought sectool was an SELinux MLS tool?!

I tried it and it is more of the same.
There are a few false positives, like / has no .dus dir, yet it does.
Lots of SELinux labels incorrect, yet it is current, no reports, and has been relabeled a few times.

But I did change permissions on /bin and /usr/lock.

SJ