I\'m looking for tools that will audit a very simple Unix (Linux or BSD) install

Question

I'm looking for tools that will audit a very simple Unix (Linux or BSD) installation, identify vulnerabilities, and perhaps give suggestions for fixing them.

I realize that "penetration testing" can get pretty involved, and that there are many specialized tools for it, but I just want to test a minimal, dedicated home system (like the one I described in this earlier post), so I'm hoping to find tools that can do a reliable all-around security audit on such a simple system, perhaps after automatically running a collection (the larger the better) of standard tests.

Explanation / Answer

There are automatic vulnerability scanners for this type of thing: Nessus, OpenVAS, Metasploit, nmap, and others, and each does different things. They can be used for deep penetration tests, but they can also be run for a quick overview, if you know what you are doing.

The problem you will run into is your constraints of:

I want it reliable

I want it easy

For a security tool to be reliable it needs to be able to do complex things, which makes them not-so-easy to use. That's why there are professionals that do security auditing: It's not-so-easy.

That means you have 2 options:

run a standard tool as best you can and take what you get, knowing that you may not have the full picture

get a more experienced person to perform the audit (that person could be you if you got the experience necessary)

No quick answer here, unfortunately.

Related Questions

Navigate

• Browse (All)
• Browse I
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.