[727] in linux-security and linux-alert archive
Re: [linux-security] uhh.. security?
daemon@ATHENA.MIT.EDU (Bill D)
Sat May 11 12:44:15 1996
Date: Fri, 10 May 1996 22:05:24 -0400 (EDT)
From: Bill D <billd@voicenet.com>
To: Pat Trainor <ptrainor@aura.title14.com>
cc: linux-security@tarsier.cv.nrao.edu
In-Reply-To: <Pine.LNX.3.91.960509192951.203G-100000@aura.title14.com>
On Thu, 9 May 1996, Pat Trainor wrote:
> What way can a sysadmin check all dirs for the proper (or close)
> permissions and symbolic links for an a> functional system, and b> a
> secure system?
I'd suggest the COPS package, available for ftp from CERT (sorry, don't
have an exact sitename).
[Mod: ftp://ftp.cert.org/pub/cops/. The CERT archive is also mirrored
here nightly at ftp://linux.nrao.edu/pub/security/CERT/. --Jeff]
It checks all directories and system files, as well as user files like
.forward, .profile, and .cshrc for world writeability or other hazardous
conditions, plus it will also try to see if the root account (or other
privileged accounts that you specify) can be cracked by manipulation of
things like file permissions and world writeability of files.
Bill
--
billd@doa.net billd@voicenet.com (Bill Duetschler)
"Yesterday, apropos of nothing, one friend said to me 'Do you ever have
days where you just want to get everyone you know together in one place,
have them all take off their clothes, and let nature take its course?'"
--Susan Groppi
