Top Ten Linux Security Programs

Here is my personal Top Ten list of Linux Security Programs. Most such lists are boring because they include only the usual suspects like nessus, nmap and John the Ripper. So I've tried to include some lesser-known programs, which sometimes aren't real "security programs" but are nevertheless extremely useful for securing your Linux system.

logcheck

The most underrated security tool in my opinion, and it isn't even a security program. It's a log-checking program. It parses the various logs in /var/log and, if something unusual was logged, sends you a message. The documentation and the website aren't that good, but that's not a big problem. Logcheck is really easy to configure and offers useful features like whitelists and different security levels (workstation, server, paranoid).

Learn more

http://logcheck.org

Installation

aptitude install logcheck

last

last is a tiny but very useful program. It searches back through the file /var/log/wtmp and displays a list of all users logged in (and out) since that file was created. So by running last you get a listing of the most recently logged-in users. If the login came from a remote machine, the IP address is logged too. You can control the output with option flags, which are described in the man page.
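To show what last reads from /var/log/wtmp, here is an added example (not part of the original post and not last's own code) that parses wtmp records and lists the logins that carry a remote address. It assumes the 384-byte little-endian glibc record layout from utmp(5); the sample records, user names and addresses are constructed.

```python
import ipaddress
import struct
from datetime import datetime, timezone

# Assumed layout: Linux/glibc utmp record, 384 bytes, little-endian (see utmp(5)).
UTMP = struct.Struct("<h2xi32s4s32s256s2hiii16s20x")
USER_PROCESS, DEAD_PROCESS = 7, 8   # ut_type values for login / logout

def _text(raw):
    return raw.split(b"\0", 1)[0].decode("utf-8", "replace")

def parse_wtmp(data):
    """Yield one dict per complete record in a wtmp byte string."""
    usable = len(data) - len(data) % UTMP.size   # ignore a truncated tail
    for off in range(0, usable, UTMP.size):
        (typ, pid, line, _id, user, host, _term, _exit,
         _session, sec, _usec, addr) = UTMP.unpack_from(data, off)
        # ut_addr_v6: an IPv4 address uses the first 4 bytes, the rest are zero
        if addr == bytes(16):
            ip = None
        elif addr[4:] == bytes(12):
            ip = str(ipaddress.IPv4Address(addr[:4]))
        else:
            ip = str(ipaddress.IPv6Address(addr))
        yield {"type": typ, "pid": pid, "line": _text(line),
               "user": _text(user), "host": _text(host), "ip": ip,
               "time": datetime.fromtimestamp(sec, timezone.utc)}

def remote_logins(data):
    """Return (user, line, ip, time) for logins that carry a remote address."""
    return [(r["user"], r["line"], r["ip"], r["time"])
            for r in parse_wtmp(data)
            if r["type"] == USER_PROCESS and r["ip"]]

def _record(typ, pid, line, user, host, ip, sec):
    """Build one constructed sample record (test data, not a real log)."""
    addr = ipaddress.ip_address(ip).packed.ljust(16, b"\0") if ip else bytes(16)
    return UTMP.pack(typ, pid, line.encode(), b"", user.encode(),
                     host.encode(), 0, 0, 0, sec, 0, addr)

# Constructed sample: a console login, a remote login, its logout, a cut-off record.
SAMPLE = (_record(USER_PROCESS, 1201, "tty1", "alice", "", None, 1700000000)
          + _record(USER_PROCESS, 1377, "pts/0", "bob", "192.0.2.10", "192.0.2.10", 1700000600)
          + _record(DEAD_PROCESS, 1377, "pts/0", "", "", None, 1700003600)
          + b"\x07\x00")

if __name__ == "__main__":
    for user, line, ip, when in remote_logins(SAMPLE):
        print(f"{user:8} {line:8} {ip:15} {when:%Y-%m-%d %H:%M:%S} UTC")
```

To run it against a real system, pass the bytes of /var/log/wtmp to remote_logins() instead of SAMPLE.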

Learn more

man page for last

Installation

aptitude install sysvinit-utils (installed by default)

w

w displays information about the users currently on the machine, and their processes. The header shows, in this order,

A similar command you can use for this is who.

Learn more

man page for w

Installation

aptitude install procps (installed by default)

lsof

Learn more

Installation

aptitude install lsof

nmap

Learn more

http://nmap.org/

Installation

aptitude install nmap

rkhunter

Learn more

http://www.rootkit.nl/projects/rootkit_hunter.html

Installation

aptitude install rkhunter

bastille

Learn more

http://bastille-linux.sourceforge.net/

Installation

aptitude install bastille

buck-security

Learn more

http://www.buck-security.org

Installation

Check out the documentation site of buck-security
