Local Vulnerabilities | 121




Date: 14.05.2024



Using lynis for Local Checks
Most Linux distributions offer programs that can run tests for local vulnerabilities, and Kali is no different. One of these programs is lynis, a vulnerability scanner that runs on the local system and works through numerous checks for settings that would be common in a hardened operating system installation. Hardened operating systems are configured to be resistant to attacks. This can mean enabling logging, tightening permissions, and choosing other settings.

The program lynis has settings for different scan types. You can do quick scans or complete scans, depending on the depth you want. It can also run in pentest mode, which is an unprivileged scan. This limits what can be checked: anything that requires root access, like looking at some configuration files, can't be checked in pentest mode. This can give you good insight into what an attacker can do if they gain access to a regular, unprivileged account. Example 4-3 shows partial output of a run of lynis against a basic Kali installation.

Example 4-3. Output from lynis
[+] Memory and Processes
------------------------------------
  - Checking /proc/meminfo                                    [ FOUND ]
  - Searching for dead/zombie processes                       [ OK ]
  - Searching for IO waiting processes                        [ OK ]

[+] Users, Groups and Authentication
------------------------------------
  - Administrator accounts                                    [ OK ]
  - Unique UIDs                                               [ OK ]
  - Consistency of group files (grpck)                        [ OK ]
  - Unique group IDs                                          [ OK ]
  - Unique group names                                        [ OK ]
  - Password file consistency                                 [ OK ]
  - Query system users (non daemons)                          [ DONE ]
  - NIS+ authentication support                               [ NOT ENABLED ]
  - NIS authentication support                                [ NOT ENABLED ]
  - sudoers file                                              [ FOUND ]
  - Check sudoers file permissions                            [ OK ]
  - PAM password strength tools                               [ SUGGESTION ]
  - PAM configuration files (pam.conf)                        [ FOUND ]
  - PAM configuration files (pam.d)                           [ FOUND ]
  - PAM modules                                               [ FOUND ]
  - LDAP module in PAM                                        [ NOT FOUND ]
  - Accounts without expire date                              [ OK ]
  - Accounts without password                                 [ OK ]
  - Checking user password aging (minimum)                    [ DISABLED ]
  - User password aging (maximum)                             [ DISABLED ]
  - Checking expired passwords                                [ OK ]
  - Checking Linux single user mode authentication            [ WARNING ]
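
A way to triage output like Example 4-3, added here as an example and not taken from the book or from lynis itself: it strips terminal colour codes, tracks which section each check belongs to, and lists the results that merit review. Treating WARNING, SUGGESTION and DISABLED as review-worthy, the function names and the sample text are assumptions.

```python
import re

# Constructed sample in the layout of Example 4-3 (statuses copied from it);
# the ANSI colour codes imitate what a captured terminal session often contains.
SAMPLE = """\
[+] Memory and Processes
------------------------------------
  - Checking /proc/meminfo                                    [ \x1b[1;32mFOUND\x1b[0m ]
  - Searching for dead/zombie processes                       [ OK ]
[+] Users, Groups and Authentication
------------------------------------
  - sudoers file                                              [ FOUND ]
  - PAM password strength tools                               [ \x1b[1;33mSUGGESTION\x1b[0m ]
  - LDAP module in PAM                                        [ NOT FOUND ]
  - Checking user password aging (minimum)                    [ DISABLED ]
  - User password aging (maximum)                             [ DISABLED ]
  - Checking Linux single user mode authentication            [ \x1b[1;31mWARNING\x1b[0m ]
"""

ANSI = re.compile(r"\x1b\[[0-9;]*m")                 # colour escape sequences
SECTION = re.compile(r"^\[\+\]\s+(.+?)\s*$")         # "[+] Section name"
CHECK = re.compile(r"^\s*-\s+(.+?)\s+\[\s*([A-Z][A-Z ]*?)\s*\]\s*$")

# Assumption: which statuses need review is a local policy choice, not a lynis rule.
REVIEW = {"WARNING": 0, "SUGGESTION": 1, "DISABLED": 2}

def parse(text):
    """Yield (section, check, status) for every check line in the output."""
    section = None
    for raw in text.splitlines():
        line = ANSI.sub("", raw)
        m = SECTION.match(line)
        if m:
            section = m.group(1)
            continue
        m = CHECK.match(line)
        if m:
            yield section, m.group(1), m.group(2)

def triage(text):
    """Return only review-worthy results, most urgent status first."""
    findings = [f for f in parse(text) if f[2] in REVIEW]
    return sorted(findings, key=lambda f: REVIEW[f[2]])

if __name__ == "__main__":
    for section, check, status in triage(SAMPLE):
        print(f"{status:<10} {section}: {check}")
```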
