Linux Security Auditing Tool (LSAT)
The Linux Security Auditing Tool (LSAT) is a post install
security auditor for Linux/Unix. It checks many system configurations
and local network settings on the system for common security/config
errors and for packages that are not needed.
It (for now) works under Linux (x86: Gentoo, RedHat, Debian, Mandrake;
Sparc: SunOS (2.x), Redhat sparc, Mandrake Sparc; Apple OS X)
Latest updates: Changelog: 05/04/2008 Package: 05/12/2008
Latest version: 0.9.7.1
Small problem with redhat output in 0.9.7 and forgot to clean
up all make/config files when I packaged it, so it is now at
0.9.7-1. I will also be fixing some RH enterprise and SElinux
issues as time permits.
I no longer have access to a RedHat/Fedora machine, and my trusty
Sun Ultra2 is down for the count. If you have access to a RH/Fedora
machine, please report any problems. If you want to donate a
Sun machine to me, let me know :)
Note, I updated the 0.9.6 tarball and zipfile. The "development"
version of Makefile.in was included and it has been changed
to a more sensible one. Sorry for the verbose compile output.
After a long break from LSAT, I should be looking at it again
from time to time and making improvements... first I will be
making sure it all still works on all of my new systems, and then
parsing my way through the TODO list and adding to it.
Updated the demo page of the lsat -w output...
Here it is.
Note: The command line options/switches have changed.
Please do a -h or --usage on 0.8.5 or read the README file
for more info...
NOTE: This is merely an auditing tool, and does not impose
any form of security on the box itself. I take no responsibility
for its use/reliability/blah/blah. Again:
This software does not modify anything (yet) to make your box more secure,
it is an auditor. It will report possible security flaws in the configuration
of the system.
Special note: Please email me with bugs and the like.
Also, please email me with suggestions, etc. It is your input
which will make this software better. Thanks.
There is now a (somewhat small) FAQ.
There is now an INSTALL file.
Check the changelog for more details.
What is does now: Updated 08/11/2003
See README.modules for list and more.
The TODO list is now a seperate page.
The changelog will show revision changes or bugfixes as they come about.
There is now a README included in the package.
There is now a README.modules included in the package.
Current version is 0.9.7.1 (beta - mostly stable)
tarred-gzipped w/md5sum 441defd1f7f82c5eccd3b5a9f46fe5fa
zipped w/md5sum: f393cad4b303da9a7555027d3ce24c9e
Past and present releases are here, along with a list of their respective md5sums.
This source code is in C and has been tested on a linux 2.2 and 2.4 kernel.
The latest release has been tested on Gentoo and should work on Solaris,
Debian, AIX, and almost all linux distros.
This software is licensed under the GNU General Public License.
Read it here.
This page last updated 05/12/2008
Edited with vim.
Join the Blue Ribbon Online Free Speech Campaign!