Unix Security Audit Analyzer
The Unix Security Analyzer has two parts: the Configuration Dump Script and the Unix Analyzer.
The Analyzer automatically completes over 100 thorough configuration tests. These include password, permission, services, and general security hardening tests.
Download configuration extractor and analyzer
This tool has two parts:
- The Unix configuration extractor is a script that runs on the server to extract the necessary security configurations. This script doesn't make any changes to the server other than creating the dump files.
System Requirements: Any computer running AIX, HP-UX, Solaris, or Linux
Download Extract Script version 4 (2007-10-21).
- The Unix configuration analysis tool runs on your workstation to analyze the information extracted by the script. Since most IT Security auditors use Windows® workstations, the analyzer runs on Windows®.
System Requirements: Windows® XP, 2000, 2003, or Vista® with .net® 2.0. Please note: The program will install the .net® Framework 2.0 if not already installed. 512MB RAM required, 1GB+ recommended.
Mac, Solaris, Linux, and UNIX users click here to download Mono, which replaces the .net Framework for non-Windows platforms.
Download Analyzer version 2.1 for .net® 2.0 (2008-05-17).
Instructions
- Download the Extract Script and Analyzer
- Have the system administrator of the server in question copy the extract script into a new blank directory, review and run the script (the script is a plain batch file to assure administrators that it won't harm their production servers)
- Note that the extraction script is designed for many flavours of Unix. As such, it produces many "file not found" errors as it runs. This is normal and does not indicate any problems.
- Install/run the analyzer tool onto a separate workstation
- If you encounter an error while installing a new version of the application, do the following:
  - Click Start
  - Click Control Panel
  - Click Add/Remove programs
  - Scroll down and click Unix Analyzer
  - Select "Remove the application from this computer" and click OK
  - Reinstall the analyzer by downloading it again
- Once the script runs, copy the generated files to the analysis workstation. If sending to an auditor, I recommend compressing and encrypting the folder in which the script was executed.
- In the Analyzer, click the "Browse" button and select the directory that contains the dump files. The analysis will happen automatically.
FAQ
How does the program send optional anonymous statistic contributions?
The analyzer program sends the anonymous statistics through a 1024-bit SSL Connection. The analyzer does not send information that may identify the analyzed computer.
Can I prevent the program from sending anonymous statistics?
Yes, uncheck the checkbox beside "Compare results to common practice (sends anonymous statistics to web server)" on the Options tab. Please note, however, that disabling this option will prevent the analyzer from comparing your results to common practice.
When and why does the program access the Internet?
The program accesses the Internet three times:
- When the program starts, it checks for updates in the background. If an update is available, the next time the program starts, it will ask you if you want to update.
- If comparing results to common practice is enabled, anonymous statistics are sent to the web server, which will return a comparison of the analyzed results to common practice. All of these communications are encrypted through 1024-bit SSL encryption.
- After clicking "more info" beside test results, the program will download help pages from the web server into the "Help" tab.
Unix security analysis features
Please note that some of the following features are only reported on operating systems that support them.
Save results to Excel
Comprehensive help on test results to provide background risk information
Operating System version
Failed user logon attempts
HP-UX TCB Failed Logon attempts from a terminal
Syslog failed logon attempt reporting
Null Passwords
Password Length
Minimum password age
Maximum password age
Dictionary list
Password reuse count
Password reuse time
Password composition limitations
Inactive account lockout thresholds
Root-specific password limitations
Telnet banner
FTP banner
Pre-login (issue) banner
Post-login (message of the day) banner
Banner set through Herald
Sendmail greeting displaying version information
List files that run as root (SUID)
List files that run with group permissions
List files that may be difficult to delete
Files with world-writable permissions
Files with world read, write, and execute (777) permissions
Files without a user owner
Files without a group owner
Hidden files
Accounts without passwords
HP-UX TCB Accounts without passwords
Server configuration to force password use
Restrictions to prevent root from logging in remotely
Java®
Bootp
Chargen
Daytime
Discard
Echo
Finger
FTP
Netstat
RCP
rexec
rlogin
rquota
rsh
rstat
rusers
rwall
spray
talk
telnet
tftp
time
DNS Server
DHCP Server
SNMP
Process Accounting
Network Tracing and Logging (NETTL)
Automatic saving of hardware logs (PDCINFO)
Auditing
NIS+ Server
NIS Master Server
NIS Slave Server
NIS Client
NIS+ Client
Password/group caching/hashing daemon (PWGRD) with NIS
Password/group caching/hashing daemon (PWGRD)
Apache Server
Sendmail Server
Web Administration Server
APC UPS Powerchute
SU logging
and more...
Windows, Windows Vista, Window NT, and the Windows logo are registered trademarks
of Microsoft Corporation. HP-UX is a trademark of Hewlett-Packard Company. AIX is
a trademark of the IBM Corporation. Sun, Java, Solaris, and logos that contain Sun,
Solaris, or Java are trademarks or registered trademarks of Sun Microsystems, Inc.
or its subsidiaries in the United States and other countries.
All text, graphics, and code on this website are Copyright ©1999-2008 ThreeShield
Information Security LLC.