Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > FreeBSD Security> 1999-q3

FreeBSD Security Archives: Re: Security tests

Re: Security tests

Jonas Eriksson (jeinteract.se)
Mon, 1 Nov 1999 23:02:04 +0100 (CET)

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Next message: Ollivier Robert: "Re: Examining FBSD set[ug]ids and their use"
Previous message: Issei Suzuki: "Re: OpenSSH patches"
In reply to: Kris Kennaway: "OpenSSH patches"

Try The Nessus remote security scanner, located at:

http://www.nessus.org

Regards Jonas Eriksson

--
InterACT Luleå
Network & Security Administrator
Tel: +46 (0)920 88803 - Fax: +46 (0)920 88399
Current temp in Lulea/Sweden is 4.6C (40.3F)
On Tue, 26 Oct 1999, Dr. Dave wrote:
> On Tue, Oct 26, 1999 at 04:36:35PM +0200, Jean-Pierre H. Dumas wrote:
> > This is to verify the security of a FreeBSD 3.2
> > server I am installing. To be used as a POP3 toaster,
> > with qmail and vmailmgr.
> > 
> > I installed and ran COPS (a really old one).
> > It screamed at me about the /var/spool/uucppublic
> > directory as beeing *world* writable.
> > It barfed on the passwd and group having the wrong
> > number of fields (I assume this is because of the
> > use of perl 5 vs perl 3 at the time of creation
> > of COPS, something like _ changed meaning ?)
> > Question: is the permission of /var/spool/uucppublic
> > correct once in drwxrwxr-x ? (I do not use uucp,
> > but...)
> 
> Cops is VERY old and outdated.  If you would like some more recent security tools, visit http://www.securityfocus.com, they also have a bug tracking archive that you can search through by OS.  Keeping security on a system is alot more than installing the packages from /usr/ports/security.
> 
> > Question: What can I do more to have a realistic
> > report about this server's security ?
> 
> If this is a corporate environment you may want to look into a site licence for IIS, internet security scanner, http://www.iss.net
> 
>  
> > Is there any other scanners or whatever that I can get
> > and run, either from within the server, or from
> > outside (I have a FreeBSD 3.2, Linux and Windows 95
> > machine on the Ethernet)
> 
> If you are looking for portscanners, you may want to look at nmap, http://www.insecure.org/nmap
> 
> -- 
> --------------------------------------------------------------------------
> Dave McKay                                      davesneakerz.org              
> MSN Hotmail                                     http://www.hotmail.com
> --------------------------------------------------------------------------
> 
> 
> To Unsubscribe: send mail to majordomoFreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
> 
To Unsubscribe: send mail to majordomoFreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Next message: Ollivier Robert: "Re: Examining FBSD set[ug]ids and their use"
Previous message: Issei Suzuki: "Re: OpenSSH patches"
In reply to: Kris Kennaway: "OpenSSH patches"

This archive was generated by hypermail 2.0b3 on Mon Nov 01 1999 - 16:02:07 CST