{"id":3933,"date":"2015-12-01T02:15:00","date_gmt":"2015-11-30T18:15:00","guid":{"rendered":"https:\/\/www.darknet.org.uk\/?p=3933"},"modified":"2015-12-01T02:16:36","modified_gmt":"2015-11-30T18:16:36","slug":"lsat-linux-security-auditing-tool","status":"publish","type":"post","link":"https:\/\/www.darknet.org.uk\/2015\/12\/lsat-linux-security-auditing-tool\/","title":{"rendered":"LSAT – Linux Security Auditing Tool"},"content":{"rendered":"
Linux Security Auditing Tool (LSAT) is a post install security auditing tool. It is modular in design, so new features can be added quickly. It checks inetd entries and scans for unneeded RPM packages. It is being expanded to work with Linux distributions other than Red Hat, and checks for kernel versions. <\/p>\n
It (for now) works under Linux (x86: Gentoo, RedHat, Debian, Mandrake; Sparc: SunOS (2.x), Redhat sparc, Mandrake Sparc; Apple OS X).<\/p>\n
<\/p>\n
You can also check out tools like:<\/p>\n
– Lynis v1.6.0 Released For Download \u2013 Linux Security Auditing Tool<\/a> You can download LSAT here:<\/p>\n
\n– Tiger \u2013 Unix Security Audit & Intrusion Detection Tool<\/a>
\n– unix-privesc-check \u2013 Unix\/Linux User Privilege Escalation Scanner<\/a><\/p>\nModules\/Features<\/h3>\n
\n
Usage<\/h3>\n
.\/lsat [OPTIONS]\r\n\r\nOptions: \r\n\r\n -d diff current and old md5, output in lsatmd5.diff\r\n -f Force a specific distribution test. Distro names are:\r\n redhat\r\n debian\r\n mandrake\r\n solaris\r\n gentoo\r\n macosx\r\n If no -f option, lsat will guess. If lsat can\r\n not guess the distribution, default is redhat.\r\n -a Show this (advanced) help page\r\n -o Output file name -- default is lsat.out\r\n -r Check rpm integrity -- redhat or mandrake only\r\n -s Silent mode\r\n -v Verbose output\r\n -w Output file in html format\r\n -x eXclude module(s) in filelist from checks...\r\n modules listed in filename will be excluded\r\n from checks. Valid module names are the module\r\n names themselves without the check.\r\n (e.g. set not checkset) the check.\r\n<\/pre>\n