Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Security scripts *** 3.2.3, 2008.09.10.09.30 ***
- Tue Mar 20 20:20:03 GMT 2012
- 20:20> Beginning security report for Jamie (2012 Linux 3.2.9-blackout).
- # Performing check of passwd files...
- # Checking entries from /etc/passwd.
- --WARN-- [pass013w] Username `root' is not using an acceptable password hash
- (x).
- --WARN-- [pass013w] Username `daemon' is not using an acceptable password hash
- (x).
- --WARN-- [pass013w] Username `bin' is not using an acceptable password hash
- (x).
- --WARN-- [pass013w] Username `sys' is not using an acceptable password hash
- (x).
- --WARN-- [pass013w] Username `sync' is not using an acceptable password hash
- (x).
- --WARN-- [pass015w] Login ID sync does not have a valid shell (/bin/sync).
- --WARN-- [pass013w] Username `games' is not using an acceptable password hash
- (x).
- --WARN-- [pass013w] Username `man' is not using an acceptable password hash
- (x).
- --WARN-- [pass013w] Username `lp' is not using an acceptable password hash
- (x).
- --WARN-- [pass013w] Username `mail' is not using an acceptable password hash
- (x).
- --WARN-- [pass013w] Username `news' is not using an acceptable password hash
- (x).
- --WARN-- [pass013w] Username `uucp' is not using an acceptable password hash
- (x).
- --WARN-- [pass013w] Username `proxy' is not using an acceptable password hash
- (x).
- --WARN-- [pass013w] Username `www-data' is not using an acceptable password
- hash (x).
- --WARN-- [pass013w] Username `backup' is not using an acceptable password hash
- (x).
- --WARN-- [pass013w] Username `list' is not using an acceptable password hash
- (x).
- --WARN-- [pass013w] Username `irc' is not using an acceptable password hash
- (x).
- --WARN-- [pass013w] Username `gnats' is not using an acceptable password hash
- (x).
- --WARN-- [pass013w] Username `nobody' is not using an acceptable password hash
- (x).
- --WARN-- [pass013w] Username `libuuid' is not using an acceptable password
- hash (x).
- --WARN-- [pass013w] Username `Debian-exim' is not using an acceptable password
- hash (x).
- --WARN-- [pass013w] Username `statd' is not using an acceptable password hash
- (x).
- --WARN-- [pass013w] Username `sshd' is not using an acceptable password hash
- (x).
- --WARN-- [pass015w] Login ID sshd does not have a valid shell
- (/usr/sbin/nologin).
- --WARN-- [pass013w] Username `michael' is not using an acceptable password
- hash (x).
- --WARN-- [pass013w] Username `game' is not using an acceptable password hash
- (x).
- --WARN-- [pass013w] Username `ftp' is not using an acceptable password hash
- (x).
- --WARN-- [pass013w] Username `messagebus' is not using an acceptable password
- hash (x).
- --WARN-- [pass013w] Username `znc' is not using an acceptable password hash
- (x).
- --WARN-- [pass013w] Username `mumble-server' is not using an acceptable
- password hash (x).
- # Performing check of group files...
- # Performing check of user accounts...
- # Checking accounts from /etc/passwd.
- --WARN-- [acc006w] Login ID mail's home directory (/var/mail) has group `4096'
- write access.
- --WARN-- [acc022w] Login ID nobody home directory (/nonexistent) is not
- accessible.
- --WARN-- [acc006w] Login ID libuuid's home directory (/var/lib/libuuid) has
- group `4096' write access.
- # Performing check of /etc/hosts.equiv and .rhosts files...
- # Checking accounts from /etc/passwd...
- # Performing check of .netrc files...
- # Checking accounts from /etc/passwd...
- # Performing common access checks for root (in /etc/default/login, /securetty, and /etc/ttytab...
- # Performing check of PATH components...
- # Only checking user 'root'
- --WARN-- [path002w] /usr/bin/bsd-write in root's PATH from default is not
- owned by root (owned by tty).
- --WARN-- [path002w] /usr/bin/chage in root's PATH from default is not owned by
- root (owned by shadow).
- --WARN-- [path002w] /usr/bin/crontab in root's PATH from default is not owned
- by root (owned by crontab).
- --WARN-- [path002w] /usr/bin/dotlockfile in root's PATH from default is not
- owned by root (owned by mail).
- --WARN-- [path002w] /usr/bin/expiry in root's PATH from default is not owned
- by root (owned by shadow).
- --WARN-- [path002w] /usr/bin/locate in root's PATH from default is not owned
- by root (owned by mlocate).
- --WARN-- [path002w] /usr/bin/lockfile in root's PATH from default is not owned
- by root (owned by mail).
- --WARN-- [path002w] /usr/bin/mlocate in root's PATH from default is not owned
- by root (owned by mlocate).
- --WARN-- [path002w] /usr/bin/mutt_dotlock in root's PATH from default is not
- owned by root (owned by mail).
- --WARN-- [path002w] /usr/bin/screen in root's PATH from default is not owned
- by root (owned by utmp).
- --WARN-- [path002w] /usr/bin/ssh-agent in root's PATH from default is not
- owned by root (owned by ssh).
- --WARN-- [path002w] /usr/bin/twistedcat in root's PATH from default is not
- owned by root (owned by game).
- --WARN-- [path002w] /usr/bin/wall in root's PATH from default is not owned by
- root (owned by tty).
- --WARN-- [path002w] /usr/bin/write in root's PATH from default is not owned by
- root (owned by tty).
- # Performing check of anonymous FTP...
- # Performing checks of mail aliases...
- # Checking aliases from /etc/aliases.
- # Performing check of `cron' entries...
- --WARN-- CRON file `' is owned by crontab.
- --WARN-- Found cron file for unknown user .
- --WARN-- [cron004w] Root crontab does not exist
- --WARN-- [cron005w] Use of cron is not restricted
- # Performing check of 'services' ...
- # Checking services from /etc/services.
- --WARN-- [inet003w] The port for service pop-2 is also assigned to service
- pop2.
- --WARN-- [inet003w] The port for service x400-snd is also assigned to service
- acr-nema.
- # Performing NFS exports check...
- # Performing check of system file permissions...
- --ERROR-- [init004e] `/usr/lib/tiger/systems/default/gen_mounts' is not executable (command GET_MOUNTS).
- # Checking for known intrusion signs...
- --ERROR-- [init004e] `/usr/lib/tiger/systems/default/gen_mounts' is not executable (command GET_MOUNTS).
- # Performing check for rookits...
- # Running chkrootkit (/usr/sbin/chkrootkit) to perform further checks...
- --ALERT-- [rootkit005a] Chkrootkit has found a file which seems to be infected
- because of a rootkit
- --ALERT-- [rootkit009a] A rootkit seems to be installed in the system
- INFECTED (PORTS: 31337)
- # Performing system specific checks...
- # Performing check of root directory...
- # Checking device permissions...
- --WARN-- [dev003w] The directory /dev/block resides in a device directory.
- --WARN-- [dev003w] The directory /dev/bsg resides in a device directory.
- --WARN-- [dev003w] The directory /dev/char resides in a device directory.
- --WARN-- [dev003w] The directory /dev/cpu resides in a device directory.
- # Checking for existence of log files...
- --FAIL-- [logf005f] Log file /var/log/wtmp permission should be 644
- --FAIL-- [logf005f] Log file /var/log/btmp permission should be 600
- --FAIL-- [logf005f] Log file /var/run/utmp permission should be 644
- # Checking for correct umask settings...
- --FAIL-- [misc022f] The umask setting in /etc/profile is insecure
- # Checking listening processes
- --WARN-- [lin003w] The process `exim4' is listening on socket TCP (0t0 on TCP
- interface) is run by Debian-exim.
- --WARN-- [lin003w] The process `murmurd' is listening on socket TCP (0t0 on
- TCP interface) is run by mumble-server.
- --WARN-- [lin003w] The process `murmurd' is listening on socket UDP (0t0 on
- UDP interface) is run by mumble-server.
- --WARN-- [lin003w] The process `portmap' is listening on socket TCP (0t0 on
- TCP interface) is run by daemon.
- --WARN-- [lin003w] The process `portmap' is listening on socket UDP (0t0 on
- UDP interface) is run by daemon.
- --WARN-- [lin003w] The process `rpc.statd' is listening on socket TCP (0t0 on
- TCP interface) is run by statd.
- --WARN-- [lin003w] The process `rpc.statd' is listening on socket UDP (0t0 on
- UDP interface) is run by statd.
- --WARN-- [lin003w] The process `srcds_lin' is listening on socket TCP (0t0 on
- TCP interface) is run by game.
- --WARN-- [lin003w] The process `srcds_lin' is listening on socket UDP (0t0 on
- UDP interface) is run by game.
- --WARN-- [lin003w] The process `sshd' is listening on socket TCP (0t0 on TCP
- interface) is run by root.
- --WARN-- [lin003w] The process `vsftpd' is listening on socket TCP (0t0 on TCP
- interface) is run by root.
- --WARN-- [lin003w] The process `znc' is listening on socket TCP (0t0 on TCP
- interface) is run by znc.
- # Checking sshd_config configuration files...
- --WARN-- [ssh004w] The PasswordAuthentication directive in
- /etc/ssh/sshd_config is set to the unapproved defult value: yes.
- # Checking printer configuration files...
- --ERROR-- [init006e] `/etc/printcap' does not exist (file definition src).
- --ERROR-- [init006e] `/etc/printcap' does not exist (file definition infile).
- # Performing common access checks for root...
- # Checking ntpd configuration...
- --ERROR-- [init001e] Don't have required command NETSTAT.
- --ERROR-- [init004e] `/usr/lib/tiger/systems/default/getdisks' is not executable (command GETDISKS).
- # Performing check of embedded pathnames...
- 20:20> Security report completed for Jamie.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement