Linux Security Auditing Tool (LSAT) is a post install security auditing tool. It is modular in design, so new features can be added quickly. It checks many system configurations and local network settings on the system for common security/config errors and for packages that are not needed. It has been tested on Linux (Gentoo, Red Hat, Debian, etc.) and Solaris (SunOS 2.x).
|Operating Systems||POSIX Linux Solaris Mac OS X|
Release Notes: Bugs and errors were fixed in the following modules: checklogging, checknet, checknetpromisc, checkipv4, checkhosts, and checkservices. Improvements were made to the checkipv4 and checkservices module. An issue where LSAT was failing on Gentoo and Red Hat/CentOS when certain features were enabled was fixed. modules.html is now consistent with current modules in LSAT.
Release Notes: Adds Ubuntu and LinuxMint distributions. Makes the Gentoo check more thorough. Adds checks for grub2. Changes checkservices to include Debian, derivatives, and Gentoo. Numerous cleanups, improved HTML output, help and man page additions, and the addition of ubuntu and linuxmint checks to checkrcperms.
Release Notes: This release adds an extra limits check on resource limits, a Redhat/Fedora specific check in checkcfg, and checking for strict mode in SSH config. It fixes a few small output errors.
Release Notes: The dependency on the popt library has been removed. This release adds extra passwd and group checks under Linux, a check for failed logins under Linux/Solaris, a check for kernel modules under Solaris, network interface stats, and routing checks. It fixes a problem in checknetforward giving false positives, and an issue where verbose output was not very consistent. The kernel module check under Linux has been modified.
Release Notes: Headers were missing from a number of modules, and checkrc was not working under Linux kernel 2.6 and gentoo. A possible symlink attack in various modules and notes in modules writing instructions were fixed. The checkinit module returning false positive under gentoo was fixed. checknet was changed to reflect a network promiscuity change under the Linux 2.6 kernel. The behavior of checkopenfiles was changed, as it would not catch some open files. More checking was added to the checkdotfiles module. Various typos and formatting errors were fixed.