What should go into a security-checking shell script?
Greg Onufer
greg at cheers.uucp
Wed Oct 25 03:50:17 AEST 1989
A few things to think about:
- Compare checksums of all vendor-supplied executables
with known-correct checksums.
- Use find(1) to search the disks for set-uid
and set-gid executables as well as special
devices (since they can only be made by root).
- Check the validity of root's dot-files (incl.
root's default PATH).
- Validate the permissions of all important
configuration files (/etc/passwd, /etc/group,
/etc/{tty,ini}tab, UUCP L.sys/Systems files,
etc).
- Check that all users have passwords, even going as far
as checking against the system dictionary to determine
if existing passwords are "easy" to break.
That's most of the checking I do locally; more ideas would be welcome!
Cheers!greg (Greg Onufer, cheers!greg at lll-winken.llnl.gov)
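
Added example, not part of the original post: four of the checks listed above (set-uid/set-gid and device search, config-file permissions, empty passwords, root's PATH) written as POSIX sh functions. The function names are illustrative assumptions, and on systems with shadow passwords `empty_passwords` should be given /etc/shadow rather than /etc/passwd.

```shell
#!/bin/sh
# Added example: function names are assumptions, not from the post.

# Set-uid/set-gid regular files and device nodes under $1 (one filesystem).
find_privileged() {
    find "$1" -xdev \( -type f \( -perm -4000 -o -perm -2000 \) \
        -o -type b -o -type c \) -print 2>/dev/null
}

# Files from the argument list that group or other can write to.
loose_perms() {
    for f in "$@"; do
        [ -e "$f" ] || continue          # skip files this system lacks
        find -H "$f" -prune \( -perm -020 -o -perm -002 \) -print
    done
}

# Accounts with an empty password field in a passwd-format file.
empty_passwords() {
    awk -F: 'NF > 1 && $2 == "" { print $1 }' "$1"
}

# PATH entries that are empty, ".", or otherwise not absolute; all of
# these resolve relative to the current directory.
unsafe_path_entries() {
    printf '%s\n' "$1" | tr ':' '\n' | while IFS= read -r d; do
        case "$d" in
            /*) ;;
            *)  printf '%s\n' "${d:-<empty>}" ;;
        esac
    done
}

# Run every check; meant to be called as root, e.g. `audit /`.
audit() {
    echo "== set-uid/set-gid files and devices"; find_privileged "${1:-/}"
    echo "== group/world-writable config files"
    loose_perms /etc/passwd /etc/group /etc/inittab
    echo "== accounts with empty passwords"; empty_passwords /etc/passwd
    echo "== unsafe PATH entries"; unsafe_path_entries "$PATH"
}
```

Saving the output of `audit /` and comparing it with the previous run's output with diff(1) turns the listing into a change report.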