Penetration Testing mailing list archives
UNIX/Windows audit scripts
From: Javier Fernandez-Sanguino <jfernandez () germinus com>
Date: Fri, 04 Mar 2005 10:11:20 +0100
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi there, I have just returned from an audit in which I have been extensively used a set of audit scripts to extract information to do a "white box" analysis of a set of systems. Running an "advanced" tool on those systems [1] was not an option and I used a simple shell script (batch in the Windows 2000/XP/2003 case) that would extract the relevant information from the system (installed software and patches, permissions, TCP/IP listeners, processes, etc.) and allow me to review that manually and fill in the appropiate checklist. After developing my own I have been able to find only a few similar scripts out there. Marc Heuse's set of audit scripts [2] and Seán Boran's UNIX/Linux local audit tool [3]. Has anyone written / used similar scripts? Please refrain from suggesting me using tools like ISS's Host Scanner, Nessus (and its Local Security Checks), the CIS scoring tool, Titan or similar software. I'm actually looking for audit scripts less than 8-10Kb in size that do not need any installation and can be run without a GUI to just output information that will be later on analysed. I'm not looking for something that will do both the information extraction and the security review report for me. I have working audit scripts currently for AIX, Debian GNU/Linux, Red Hat, SuSE, HPUX, Solaris and Windows. But I'm interested in comparing mine with others out there in order to improve them and with a public release of those in mind. Regards Javier [1] Like Tiger in Unix systems, which I maintain currently (at http://savannah.nongnu.org/projects/tiger) [2] http://www.suse.de/~marc/audit/ [3] http://www.boran.com/security/sp/solaris/audit_tool.html -----BEGIN PGP SIGNATURE----- Version: PGP 8.0.3 iQA/AwUBQigmNaO1I0N5hzVfEQIbLwCfe9fUv6GOkKoH5TU2Fw2zopoNn4AAoPQk 7/sChGpaQrMzuJx0473nSrGZ =g6vs -----END PGP SIGNATURE-----
Current thread:
- UNIX/Windows audit scripts Javier Fernandez-Sanguino (Mar 04)
- Re: UNIX/Windows audit scripts mozilla (Mar 04)
- Re: UNIX/Windows audit scripts Jeffrey Denton (Mar 04)
- Re: UNIX/Windows audit scripts David Cravshaw (Mar 04)
- <Possible follow-ups>
- RE: UNIX/Windows audit scripts Todd Towles (Mar 04)