0

I'm looking for tools that will audit a very simple Unix (Linux or BSD) installation, identify vulnerabilities, and perhaps give suggestions for fixing them.

I realize that "penetration testing" can get pretty involved, and that there are many specialized tools for it, but I just want to test a minimal, dedicated home system (like the one I described in this earlier post), so I'm hoping to find tools that can do a reliable all-around security audit on such a simple system, perhaps after automatically running a collection (the larger the better) of standard tests.

Community
  • 1
kjo
  • 1,043
  • 2
  • 9
  • 15

2 Answers2

2

On the defensive side, try Lynis It does a nice job of assessing the defensive posture, looks at settings, what's listening, ports, services, common problematic patterns, etc.

rath
  • 406
  • 4
  • 12
Marcin
  • 2,508
  • 1
  • 15
  • 14
  • 2
    [Lynis](http://cisofy.com/lynis/ "Linux auditing tool") is exactly what you are looking for. I'm biased, being the original author ;) – mboelen Jun 17 '14 at 14:39
1

There are automatic vulnerability scanners for this type of thing: Nessus, OpenVAS, Metasploit, nmap, and others, and each does different things. They can be used for deep penetration tests, but they can also be run for a quick overview, if you know what you are doing.

The problem you will run into is your constraints of:

  • I want it reliable

  • I want it easy

For a security tool to be reliable it needs to be able to do complex things, which makes them not-so-easy to use. That's why there are professionals that do security auditing: It's not-so-easy.

That means you have 2 options:

  1. run a standard tool as best you can and take what you get, knowing that you may not have the full picture

  2. get a more experienced person to perform the audit (that person could be you if you got the experience necessary)

No quick answer here, unfortunately.

schroeder
  • 123,438
  • 55
  • 284
  • 319
  • Regarding the two options you mention at the end: I'm aiming for option 1. More specifically, I'm asking for those "standard tools" you mention for option 1. – kjo Jun 16 '14 at 12:36
  • 1
    Try OpenVAS - but do not construe my mentioning of the tool as endorsement or recommendation :) – schroeder Jun 16 '14 at 14:18
  • 1
    @kjo as another option to OpenVAS you could look at Nessus, there's a free version for non-profit use and a commercial option which has some pretty good security auditing features. – Rory McCune Jun 16 '14 at 16:43