2009年12月10日安全工具更新-阿里云开发者社区

开发者社区> cnbird> 正文

2009年12月10日安全工具更新

简介: 1.Lynix 1.2.8 We wrote about Lynis here. The latest version – 1.
+关注继续查看

1.Lynix 1.2.8

We wrote about Lynis here. The latest version – 1.2.8 is now out for all of you! This release adds initial support for Squid and several tests related to user authentication. Several improvements have been made, including some small bugfixes.

“Lynis is an auditing tool for Unix (specialists). It scans the system and available software, to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes.

This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems. It can be run without prior installation, so inclusion on read only storage is no problem (USB stick, cd/dvd).

Lynis assists auditors in performing Basel II, GLBA, HIPAA, PCI DSS and SOX (Sarbanes-Oxley) compliance audits.

This is the change log for Lynis 1.2.8 (2009-12-08):
New:
- Squid support added
- Squid daemon detection [SQD-3602]
- Squid configuration file search [SQD-3604]
- Squid version detection [SQD-3606]
- Check /etc/motd banner [BANN-7122]
- Check /etc/issue.net file [BANN-7128]
- Check contents in /etc/issue.net [BANN-7130]
- Solaris single user mode login check (/etc/default/sulogin) [AUTH-9304]
- HP-UX boot authentication check [AUTH-9306]
- Linux single user mode authentication check [AUTH-9308]
- Solaris account locking policy check [AUTH-9340]

Changes:
- Added prerequisite to SSH test, so the test is skipped properly [SSH-7440]
- Check for /etc/issue symlink [BANN-7124]
- Added file check for possible harmful shells found [AUTH-9218]
- Add user home directories to report [HOME-9302]
- Extended Linux run level test with support for Debian/Ubuntu [KRNL-5622]
- Added /lib64/security to PAM test [AUTH-9262]
- Extended security repository check [PKGS-7388]
- Iptables check should not check for a module in a Linux config [FIRE-4511]
- Ignore APC ups daemon when scanning for CUPS [PRNT-2304]
- Improved kernel logger daemon check [LOGG-2138]
- Added auditctl to binary check [ACCT-9630]
- Log used auditd ruleset [ACCT-9630]
- Corrected logging of Solaris c2audit module [ACCT-9656]
- Fixed warning function for Solaris passwordless accounts [AUTH-9254]
- Commented kern.randompid in default profile
- For sysctl the parameter -n will be used on Linux systems
- Changed syslog daemon detection and state
- Extended report file

… and more.

Download lynis-1.2.8.tar.gz here.

 

 

2.Matriux

http://s283418514.onlinehome.us/distro/0.9.4/matriux-0.9.4-091127.iso

版权声明:本文内容由阿里云实名注册用户自发贡献,版权归原作者所有,阿里云开发者社区不拥有其著作权,亦不承担相应法律责任。具体规则请查看《阿里云开发者社区用户服务协议》和《阿里云开发者社区知识产权保护指引》。如果您发现本社区中有涉嫌抄袭的内容,填写侵权投诉表单进行举报,一经查实,本社区将立刻删除涉嫌侵权内容。

相关文章
阿里云服务器端口号设置
阿里云服务器初级使用者可能面临的问题之一. 使用tomcat或者其他服务器软件设置端口号后,比如 一些不是默认的, mysql的 3306, mssql的1433,有时候打不开网页, 原因是没有在ecs安全组去设置这个端口号. 解决: 点击ecs下网络和安全下的安全组 在弹出的安全组中,如果没有就新建安全组,然后点击配置规则 最后如上图点击添加...或快速创建.   have fun!  将编程看作是一门艺术,而不单单是个技术。
3956 0
+关注
cnbird
阿里云安全专家,主要负责阿里云云产品安全。
3242
文章
3
问答
文章排行榜
最热
最新
相关电子书
更多
文娱运维技术
立即下载
《SaaS模式云原生数据仓库应用场景实践》
立即下载
《看见新力量:二》电子书
立即下载