Linux Security Auditing Tool (LSAT)


The Linux Security Auditing Tool (LSAT) is a post install
security auditor for Linux/Unix. It checks many system configurations
and local network settings on the system for common security/config
errors and for packages that are not needed. 
It (for now) works under Linux (x86: Gentoo, RedHat, Debian, Mandrake;
Sparc: SunOS (2.x), Redhat sparc, Mandrake Sparc; Apple OS X)

Latest updates: Changelog: 06/19/2014    Package: 06/19/2014
Latest version: 0.9.8.2

Download links are at the bottom of this page. 


LSAT in Training:

Kenvision Techniks Ltd Ethical Hacking & Countermeasures Training Program includes LSAT.

The EC-Council Certified Ethical Hacking uses LSAT in the training course. 

Here are a few pdfs about the EC-Council training: CNDA Brochure, Ethical Hacking and Countermeasures Specialist.


NEWS:
05/21/2014:
Numerous small fixes. Bug updates, a few modules were not running
under Debian/RedHat. Tested on CentOS, Debian, Gentoo, Ubuntu Server.
My old sparcstation 20 is dying and I have not tested this release on Solaris.
Check the changelog for more details.

NOTE a few books on ethical hacking and computer security mention LSAT. 
(Yes these are affiliate links, yes I would get paid $0.02 if you purchased
one)

By EC-Council - Ethical Hacking and Countermeasures: Attack Phases: 1st (first) Edition

Ethical Hacking and Countermeasures: Linux, Macintosh and Mobile Systems (Ethical Hacking and Countermeasures: C/ E H: Certified Ethical Hacker)

Computer and Information Security Handbook, Second Edition

Linux (Hacking Exposed)


Thre is a demo page of the lsat -w output...
Here it is.


NOTE: This is merely an auditing tool, and does not impose
any form of security on the box itself. I take no responsibility
for its use/reliability/blah/blah. Again:
This software does not modify anything (yet) to make your box more secure, 
it is an auditor. It will report possible security flaws in the configuration
of the system.

Special note: Please email me with bugs and the like.
Also, please email me with suggestions, etc. It is your input
which will make this software better. Thanks.

There is now a (somewhat small) FAQ.

There is now an INSTALL file.

Check the changelog for more details. 

What is does now: Updated 08/11/2003 
See README.modules for list and more. 

The TODO list is now a seperate page.

The changelog will show revision changes or bugfixes as they come about. 
There is now a README included in the package.
There is now a README.modules included in the package.

Current Version is 0.9.8.2:
tarred-gzipped w/md5sum c49eb012a953f8949faac59cf18478f7
zipped w/md5sum: ad33cdca9cc58f7f2c348e514e20e21d

Past and present releases are here, along with a list of their respective md5sums.

This source code is in C and has been tested on a linux 2.2 and 2.4 kernel. 
The latest release has been tested on Gentoo and should work on Solaris,
Debian, AIX, and almost all linux distros. 

This software is licensed under the GNU General Public License.
Read it here. 
My email.


This page last updated 06/19/2014


Edited with vim.
Join the Electronic Frontier Foundation

Valid HTML 4.01!