Showing posts with label Security Audits. Show all posts
Showing posts with label Security Audits. Show all posts

Thursday, April 17, 2014

Nmap 6.45 - Free Security Scanner For Network Exploration & Security Audits


Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings.

Changes: Added ssl-heartbleed script to detect the Heartbleed bug in OpenSSL. Various other additions and updates.

Posted by at No comments:
Labels: , , , , , , , ,

Tuesday, December 31, 2013

[Lynis v1.3.8] The Unix/Linux Hardening tool


Lynis is a security tool to audit and harden Unix and Linux based systems. It scans the system by performing many security control checks, looks for installed software and determines compliance to standards. Also will it detects security issues and errors in configuration. At the end of the scan it will provide the warnings and suggestions to help you improving the security defense of your systems.

Some of the (future) features and usage options:
  • System and security audit checks
  • File Integrity Assessment
  • System and file forensics
  • Usage of templates/baselines (reporting and monitoring)
  • Extended debugging features

This tool is tested or confirmed to work with:
AIX, Linux, FreeBSD, OpenBSD, Mac OS X, Solaris

Changelog

  • New parameter –view-categories to display available test categories
  • Added /etc/hosts check (duplicates) [NAME-4402]
  • Added /etc/hosts check (hostname) [NAME-4404]
  • Added /etc/hosts check (localhost mapping) [NAME-4406]
  • Portmaster test for possible port upgrades [PKGS-7378]
  • Check for SPARC improve boot loader (SILO) [BOOT-5142]
  • NFS client access test [STRG-1930]
  • Check system uptime [BOOT-5202]
  • YUM repolist check [PKGS-7383]
  • Contributors file added
  • Improved locate database check and reporting [FILE-6410]
  • Improved PAE/No eXecute test for Linux kernel [KRNL-5677]
  • Disabled NIS domain name from test [NAME-4028]
  • Extended NIS domain test to check BSD sysctl value [NAME-4306]
  • Extended PAM tools check with PAM paths [AUTH-9262]
  • Adjusted Apache check to avoid skipping it [HTTP-6622]
  • Extended USB state testing [STRG-1840]
  • Extended Firewire state testing [STRG-1846]
  • Extended core dump test [KRNL-5820]
  • Added /lib/i386-linux-gnu/security to PAM directories
  • Added /usr/X11R6/bin directory to binary paths
  • Improved readability of screen output
  • Improved logging for several tests
  • Improved Debian version detection
  • Added warning to BIND test [NAME-4206]
  • Extended binaries with showmount and yum
  • Updated man page

Posted by at No comments:
Labels: , , , , , , ,
Subscribe to: Comments (Atom)