This is the TODO list for LSAT.
Entries will be deleted from here as they are implemented.
If you can think of anything or have suggestions for modules
or checks, please email me. Thanks.
- if on gentoo, see who else is in the wheel group. Do likewise
for groups that have root access on others
- Make checkx work if the user inputs startx w/options on the command line.
- Check for email, if so, check that it is not relaying (at least).
Perhaps this should be an active check (e.g. connect locally and try to
relay, then check the server response... of course, this could be bad
if it actually would relay! :)
- Check for a firewall script, make sure it has deny at the end.
(perhaps checking iptables dynamically) Note, this method does not work
all the time, e.g. if running the rc.firewall from the HOWTO pages,
and then you do an iptables -L, there is no explicit deny at the end,
its embedded in each section. My checks will have to be smarter and more
- Check some common ftp configs for security (expand on this, not enough)
- Check samba security
Anyone with suggestions to add to the list, just mail me.
number9 at dimlight dot org
This page last updated 03/12/2004