Project: Linux Security Auditing Tool?
Results 1 to 7 of 7

Thread: Project: Linux Security Auditing Tool?

  1. #1
    Member
    Join Date
    Mar 2005
    Posts
    65

    Project: Linux Security Auditing Tool?

    Ola:
    Has anyone worked with this tool:

    Project: Linux Security Auditing Tool:

    http://sourceforge.net/projects/usat/

    It looks interesting, and we were going to test it out in our lab, but itappears not to have any developer activity on it, and it is still in beta. Any thoughts on this?

    Gracias.

  2. #2
    Senior Member kr5kernel's Avatar
    Join Date
    Mar 2004
    Posts
    347
    If you are looking for security auditing, check out Nessus.

    http://www.nessus.org

    They have official releases, and it is probably similair to what you are looking to test.
    kr5kernel
    (kr5kernel at hotmail dot com)
    Linux: Making Penguins Cool Since 1994.

  3. #3
    Member
    Join Date
    Mar 2005
    Posts
    65
    Ola:

    Thanks for the reply back. We have NESSUS and ISS, but I wanted a third tool (perhaps that is inefficient) to counter any false positives or false negatives found with NESSUS and ISS. I was looking into Typhon III earlier (http://www.antionline.com/showthread...hreadid=267970) but that porridge was too hot. For now, I will stick with ISS and NESSUS and probably join their mailists, if they have them to combat the false positives/negatives. And the reason that is a sticking point for us, is that I don't want the admins chasing wild geese if at all possible, when it comes to vulnerabilities.

    Gracias.

  4. #4
    Senior Member kr5kernel's Avatar
    Join Date
    Mar 2004
    Posts
    347
    The horse had a good thread not to far back about picking software you feel comfortable with, and then learning the hell out of it. With so many choices its often hard to stick to one.
    kr5kernel
    (kr5kernel at hotmail dot com)
    Linux: Making Penguins Cool Since 1994.

  5. #5
    Banned
    Join Date
    May 2003
    Posts
    1,004
    Nessus isn't a security auditor, it's a network scanner.

    The Titan Security Toolkit ( http://www.fish.com/titan/ ) is decent, typically revs come out for Solaris first and then Linux and BSD modules come out.

    I'd avoid non-production level security tools, especially those with no developer activity.

    cheers,

    catch

  6. #6
    Senior Member
    Join Date
    Mar 2004
    Location
    Colorado
    Posts
    421
    Originally posted here by catch
    Nessus isn't a security auditor, it's a network scanner.

    I agree but would change to network device or host vulnerability scanner.
    And a darn good one to boot for the price.



    thwhomp:

    Are you looking to harden existing Linux installs?

  7. #7
    Banned
    Join Date
    May 2003
    Posts
    1,004
    I agree but would change to network device or host vulnerability scanner.
    Oh, perhaps... I've not used it in awhile. They must have finally added the ability to effectively scan multi-level hubs, transparent proxies, and passive NIDSes. Or maybe they've only added the ability to scan for insecure libraries or rights propigation paths.

    Good to see they've continued progress so substantially.

    cheers,

    catch

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •