sectool is a security tool that can be used both as a security audit as well as a part of an intrusion detection system. It consists of set of tests, library and textual/graphical frontend. Tests are sorted into groups and security levels. Administrators can run selected tests, groups or whole security levels.
Security Levels
- Naive – pretty basic and short set of tests
- Desktop – set of tests prepared to run on box not connected to internet
- Network – standard client machine connected to internet
- Server – network server
- Paranoid – bunch of tests for paranoid admins
The tests print several type of messages during their execution. “Warning” and “Error” messages are used to inform about discovered security risks.
- warning – something that admin should know about
- error – issues that should be fixed
Then there are another two messages: “Hint” and “Info”. These two are not print by default, so they need to be turned on.
- hint – helps to find a way how to resolve discovered issue
- info – provides information what does the test do at the moment
Test Results
Every test run is finished with one of these results:
- PASS – Everything went OK, no security risks were discovered
- WARNING – only warning messages were print
- ERROR – at least one security issue was discovered
- FAIL – internal test problem appears, test can’t be run
You can download sectool here:
Or read more here.