1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
|
Source: checksecurity
Maintainer: Javier Fernández-Sanguino Peña <jfs@computer.org>
Section: admin
Priority: optional
Build-Depends: debhelper-compat (= 13)
Standards-Version: 4.7.0
Vcs-Browser: https://salsa.debian.org/debian/checksecurity
Vcs-Git: https://salsa.debian.org/debian/checksecurity.git
Rules-Requires-Root: no
Package: checksecurity
Architecture: all
Depends: cron | systemd-cron | anacron,
${perl:Depends},
${misc:Depends}
Recommends: logcheck
Suggests: apt-watch | cron-apt,
lockfile-progs,
tiger,
tripwire | integrit | aide | samhain | fcheck,
debsecan
Replaces: cron
Description: basic system security checks
Checksecurity can periodically do some very basic system security checks:
.
* check-setuid - scans for insecurely mounted remote file systems,
and tracks changes in setuid programs;
* check-sockets - tracks changes in open ports to detect rogue programs;
* check-passwd - scans for empty or duplicate system accounts;
* check-disfree - scans for mounted filesystems nearing capacity;
* check-iptables-logs - scans logs generated by iptables and look
for intrusion attempts.
.
Be aware that these minimal set of checks are no substitute for a full
security auditing and integrity checking system.
.
In addition to these checks you are encourage to install additional packages
(listed in "Recommends") to provide more information concerning the security
or vulnerability of your system.
.
Installing the suggested package lockfile-progs can help to prevent
the cron jobs running multiple times if something gets jammed.
|
