Buck-security

###########################
#   buck-security 0.6     #
###########################

We will run 12 security checks now.
This may take a while...


[*] CHECK 1: World Writeable Files           [1;31m[ WARNING ]
[0mThe following files are writeable for all users.
Learn more at http://buck-security.org/doc.html#c_wwf
######################################################
/home/fcadmin/fcc-10.009-Linux.i686.deb
/home/fcadmin/fcc-10.009-Linux.i686.tar.bz2
/home/fcadmin/FCintro SystemRequirements Linux.pdf
/home/fcadmin/fcserver-11.0.0.tgz
/home/fcadmin/INFO Linux FC IntroEdition V11.pdf
/var/www/weinbauer/components/com_virtuemart/shop_image/product/Weinvirtel_DAC_4ec44c869a9f0.jpg
/var/www/weinbauer/components/com_virtuemart/shop_image/vendor/weingut_Lang_4ec41830108d4.jpg
/var/www/form-your-body/configuration.php
/var/www/stefan/projekte/weblogbuch/conf/funk.inc.php
/var/www/stefan/projekte/weblogbuch/conf/php5.php
/var/www/stefan/projekte/weblogbuch/conf/listnav.inc.php
/var/www/stefan/projekte/weblogbuch/conf/qslMgr.inc.php
/var/www/stefan/projekte/weblogbuch/conf/listview.inc.php
/var/www/stefan/projekte/weblogbuch/conf/sess.inc.php
/var/www/owncloud/data/admin/lucene_index/read.lock.file
/var/www/owncloud/data/admin/lucene_index/write.lock.file
/var/www/owncloud/data/admin/lucene_index/segments.gen
/var/www/owncloud/data/admin/lucene_index/optimization.lock.file
/var/www/owncloud/data/admin/lucene_index/_0.cfs
/var/www/owncloud/data/admin/lucene_index/read-lock-processing.lock.file
/var/www/owncloud/data/admin/lucene_index/_0.sti
/var/www/owncloud/data/admin/lucene_index/_1.cfs
/var/www/owncloud/data/admin/lucene_index/segments_3
/var/www/owncloud/data/development/lucene_index/read.lock.file
/var/www/owncloud/data/development/lucene_index/write.lock.file
/var/www/owncloud/data/development/lucene_index/segments.gen
/var/www/owncloud/data/development/lucene_index/optimization.lock.file
/var/www/owncloud/data/development/lucene_index/read-lock-processing.lock.file
/var/www/owncloud/data/development/lucene_index/_b.sti
/var/www/owncloud/data/development/lucene_index/_a.sti
/var/www/owncloud/data/development/lucene_index/_c.cfs
/var/www/owncloud/data/development/lucene_index/_c.sti
/var/www/owncloud/data/development/lucene_index/_d.cfs
/var/www/owncloud/data/development/lucene_index/_d.sti
/var/www/owncloud/data/development/lucene_index/_e.cfs
/var/www/owncloud/data/development/lucene_index/_e.sti
/var/www/owncloud/data/development/lucene_index/_f.cfs
/var/www/owncloud/data/development/lucene_index/_f.sti
/var/www/owncloud/data/development/lucene_index/_g.cfs
/var/www/owncloud/data/development/lucene_index/_g.sti
/var/www/owncloud/data/development/lucene_index/_h.cfs
/var/www/owncloud/data/development/lucene_index/_g_1.del
/var/www/owncloud/data/development/lucene_index/_h.sti
/var/www/owncloud/data/development/lucene_index/_i.cfs
/var/www/owncloud/data/development/lucene_index/_h_1.del
/var/www/owncloud/data/development/lucene_index/_i.sti
/var/www/owncloud/data/development/lucene_index/_j.cfs
/var/www/owncloud/data/development/lucene_index/_i_1.del
/var/www/owncloud/data/development/lucene_index/_k.cfs
/var/www/owncloud/data/development/lucene_index/_b.cfs
/var/www/owncloud/data/development/lucene_index/_a.cfs
/var/www/owncloud/data/development/lucene_index/_j.sti
/var/www/owncloud/data/development/lucene_index/_b_2.del
/var/www/owncloud/data/development/lucene_index/segments_o
/var/www/owncloud/data/development/lucene_index/_k.sti
/var/www/owncloud/data/novarock/lucene_index/read.lock.file
/var/www/owncloud/data/novarock/lucene_index/write.lock.file
/var/www/owncloud/data/novarock/lucene_index/segments.gen
/var/www/owncloud/data/novarock/lucene_index/optimization.lock.file
/var/www/owncloud/data/novarock/lucene_index/read-lock-processing.lock.file
/var/www/owncloud/data/novarock/lucene_index/_1e.cfs
/var/www/owncloud/data/novarock/lucene_index/_1p.cfs
/var/www/owncloud/data/novarock/lucene_index/_2b_1.del
/var/www/owncloud/data/novarock/lucene_index/_d.cfs
/var/www/owncloud/data/novarock/lucene_index/_d.sti
/var/www/owncloud/data/novarock/lucene_index/_1p.sti
/var/www/owncloud/data/novarock/lucene_index/_20.cfs
/var/www/owncloud/data/novarock/lucene_index/_2b.sti
/var/www/owncloud/data/novarock/lucene_index/_2n.cfs
/var/www/owncloud/data/novarock/lucene_index/_2l.cfs
/var/www/owncloud/data/novarock/lucene_index/_d_1.del
/var/www/owncloud/data/novarock/lucene_index/_2m.cfs
/var/www/owncloud/data/novarock/lucene_index/_13.sti
/var/www/owncloud/data/novarock/lucene_index/_13_1.del
/var/www/owncloud/data/novarock/lucene_index/_1e_1.del
/var/www/owncloud/data/novarock/lucene_index/_2b.cfs
/var/www/owncloud/data/novarock/lucene_index/_13.cfs
/var/www/owncloud/data/novarock/lucene_index/_1e.sti
/var/www/owncloud/data/novarock/lucene_index/_20.sti
/var/www/owncloud/data/novarock/lucene_index/_2m.sti
/var/www/owncloud/data/novarock/lucene_index/_2l.sti
/var/www/owncloud/data/novarock/lucene_index/segments_31
/var/www/teamspeak/ts3wi_3.4.1.rar
/var/www/teamspeak/changelog.txt
/var/www/teamspeak/config.php
/var/www/teamspeak/favicon.ico
/var/www/teamspeak/functions.inc.php
/var/www/teamspeak/gpl-3.0.txt
/var/www/teamspeak/header.php
/var/www/teamspeak/index.php
/var/www/teamspeak/INSTALL.txt
/var/www/teamspeak/motd.txt
/var/www/teamspeak/README.txt
/var/www/teamspeak/screate_config.php
/var/www/teamspeak/ts3admin.class.php
/var/www/teamspeak/tsviewpub.php
/var/www/teamspeak/updatecheck.php
/run/sendmail/mta/smsocket
[1;34m

[*] CHECK 2: World Writeable Directories     [1;31m[ WARNING ]
[0mThe following directories are writeable for all users.
Learn more at http://buck-security.org/doc.html#c_wwd
######################################################
/run/lock
/run/shm
/var/cache/common-lisp-controller
/var/lib/php5
/var/mail
/var/www/owncloud/owncloud/apps
/var/www/owncloud/owncloud/config
/var/www/stefan/projekte/weblogbuch/conf
/var/www/teamspeak/gfx
/var/www/teamspeak/icons
/var/www/teamspeak/libs
/var/www/teamspeak/site
/var/www/teamspeak/temp
/var/www/teamspeak/templates
/var/www/teamspeak/templates_c
[1;34m

[*] CHECK 3: Sticky-Bit set for /tmp         [1;32m[ OK ]
[1;34m

[*] CHECK 4: Files where Setuid is used      [1;31m[ WARNING ]
[0mThe following programs have the SUID set. This might
represent a security risk.
Learn more at http://buck-security.org/doc.html#c_suids
######################################################
/bin/fusermount
/opt/fcsd/fcsd
/opt/fcsd/fcisd
/usr/sbin/uuidd
/usr/sbin/sensible-mda
/usr/bin/mtr
/usr/bin/procmail
/usr/bin/X
/usr/lib/virtualbox/VBoxHeadless
/usr/lib/virtualbox/VBoxNetAdpCtl
/usr/lib/virtualbox/VBoxNetDHCP
/usr/lib/virtualbox/VBoxSDL
/usr/lib/virtualbox/VirtualBox
/usr/lib/dbus-1.0/dbus-daemon-launch-helper
[1;34m

[*] CHECK 5: Files where Setgid is used      [1;31m[ WARNING ]
[0mThe following programs have the SGID set. This might
represent a security risk.
Learn more at http://buck-security.org/doc.html#c_sgids
######################################################
/opt/fcsd/fcsd
/opt/fcsd/fcisd
/usr/sbin/uuidd
/usr/bin/mail-lock
/usr/bin/mail-unlock
/usr/bin/dotlockfile
/usr/bin/mail-touchlock
/usr/bin/screen
/usr/bin/lockfile
/usr/bin/procmail
/usr/bin/X
/usr/lib/mc/cons.saver
/usr/lib/x2go/x2gosqlitewrapper
/usr/lib/utempter/utempter
/usr/lib/squid/getpwnam_auth
/usr/lib/squid/pam_auth
/usr/lib/sm.bin/sendmail
/usr/lib/sm.bin/mailstats
/usr/lib/virtualbox/VBoxHeadless
/usr/lib/virtualbox/VBoxNetAdpCtl
/usr/lib/virtualbox/VBoxNetDHCP
/usr/lib/virtualbox/VBoxSDL
/usr/lib/virtualbox/VirtualBox
[1;34m

[*] CHECK 6: Check umask                     [1;32m[ OK ]
[1;34m

[*] CHECK 7: Find superusers                 [1;32m[ OK ]
[1;34m

[*] CHECK 8: Listening Services              [1;31m[ WARNING ]
[0mThe following programs are listening for incoming
connections. Output format is port:program:listen_mode
Learn more at http://buck-security/doc.html#c_services
######################################################
21:proftpd:LISTEN_ALL
22:sshd:LISTEN_ALL
25:sendmail:LISTEN_LOCAL
80:apache2:LISTEN_ALL
123:ntpd:LISTEN_ALL
587:sendmail:LISTEN_LOCAL
1194:openvpn:LISTEN_ALL
3130:UNKNOWN:LISTEN_ALL
3306:mysqld:LISTEN_LOCAL
8080:UNKNOWN:LISTEN_ALL
9987:ts3server_linu:LISTEN_ALL
10000:perl:LISTEN_ALL
10011:ts3server_linu:LISTEN_ALL
30033:ts3server_linu:LISTEN_ALL
46370:UNKNOWN:LISTEN_ALL
[1;34m

[*] CHECK 9: Check firewall policies         [1;31m[ WARNING ]
[0mThe following iptables policies are set to ACCEPT
which might be a security problem.
Learn more at http://buck-security/doc.html#c_firewall
######################################################
INPUT:ACCEPT
FORWARD:ACCEPT
OUTPUT:ACCEPT
[1;34m

[*] CHECK 10: Check if sshd is secured       [1;31m[ WARNING ]
[0mThe following sshd options aren't set to a secure value.
Learn more at http://buck-security.org/doc.html#c_sshd
######################################################
Port
[1;34m

[*] CHECK 11: Search problematic packages    [1;32m[ OK ]
[1;34m
------------------
STARTING CHECKSUM CHECK
Decrypting checksum-file checksums.gpg ...


[*] CHECK 12: Checksums of system programs   [1;32m[ OK ]
[1;34m

###########################
###   CHECKS FINISHED   ###
time taken was 13 seconds
###########################

ATTENTION:
buck-security is still under heavy development, consider this a beta version.
Your feedback is very welcome, please send it to maba4891@users.sourceforge.net.
To get help run './buck --help' or visit http://www.buck-security.org/