#!/bin/csh
############################################################
############################################################
#!/bin/csh
#
#
# -------------------------------------
# UNIX Audit Script
# -------------------------------------
#
# 10/04 - Header and text objects defined - LV / BR / PM / CW - eyversion 1.0.0
# 12/04 - Header refined - BR - eyversion 1.1.0
# 01/05 - Header refined - BR - eyversion 1.2.0
# 05/05 - HTML Definitions Addedd - PM - eyversion 1.3.0
# 06/06 - Header refined - MT - eyversion 1.4.0
# 02/07 - Header refined to create unique output folders - MT - eyversion 1.5.0
# 09/07 - Corrected footer to fix Sybase output problems. - JW - eyversion 1.6.0
# =============================================================
#set -x
onintr quit
set prompt="Press <Return> to continue"
set eyversion=1.6.0
set UNAMEa=`uname -a`
set basedir=/tmp/eyscan
set HOSTNAME=`hostname`
set INDEXF=index.html
#set SYSTEMF=system.out.txt
set SYSTEMF=system.html
#set SPECIFICF=specific.out.txt
set SPECIFICF=specific.html
main:
while (1)
clear
echo " ---------------------------------------------------"
echo " Ernst & Young LLP "
echo " Copyright - 2006 "
echo " ---------------------------------------------------"
echo " Please make your selection from the options below: "
echo ""
echo " 1) Run the script on this host "
echo " 2) Copyright Information "
echo " 3) Exit "
echo ""
echo -n " Enter Selection: "
set OUTPUTTYPE=$<
switch ($OUTPUTTYPE)
case 1:
goto systemtype
case 2:
goto CopyRight
case 3:
exit
default:
clear
echo "Invalid selection"
echo -n "$prompt"
tmp=$<
goto main
endsw
end
CopyRight:
clear
echo ""
echo " ---------------------------------------------------"
echo " This script is privileged and/or confidential, and the developers do not"
echo " waive any related rights. Any distribution, use, or copying of this"
echo " script or the information it contains by other than the intended"
echo " user is unauthorized. If you received this script in error, please advise"
echo " Ernst & Young LLP immediately."
echo " "
echo " ---------------------------------------------------"
sleep 5
goto main
systemtype:
clear
echo " ---------------------------------------------------"
echo " Ernst & Young LLP "
echo " Copyright - 2006 "
echo " ---------------------------------------------------"
echo " Please select the system type: "
echo ""
echo " 1) Linux "
echo " 2) All other Unix flavors "
echo " 3) Sybase Database "
echo ""
echo -n " Enter Selection: "
set OUTPUTTYPE=$<
switch ($OUTPUTTYPE)
case 1:
set case=1
goto systeminfo1
case 2:
set case=2
goto systeminfo2
case 3:
set case=3
goto dbinfo
default:
clear
echo "Invalid selection"
echo -n "$prompt"
tmp=$<
goto systemtype
endsw
end
systeminfo1:
clear
echo ""
echo " ---------------------------------------------------"
echo " Ernst & Young LLP "
echo " Copyright - 2006 "
echo " ---------------------------------------------------"
echo " Please enter some of the system specifics "
echo ""
echo -n " 1) Please enter a unique output folder name : "
set outfolder = `head -1`
set outdir = ${basedir}/${outfolder}
echo -n " 2) What is the Operating System Version?: "
set version = `head -1`
echo -n " 3) What is the System Hostname?: "
set sysname = `head -1`
echo -n " 4) What is the Administrator's Name?: "
set adminname = `head -1`
echo -n " 5) What is the Client's Name?: "
set clientname = `head -1`
echo -n " 6) Enter Auditor's Full Name: "
set auditorname = `head -1`
echo -n " 7) Enter Server Information / Note To Auditor: "
set servinfo = `head -1`
clear
echo ""
echo " ---------------------------------------------------"
echo " Ernst & Young LLP Script - ${eyversion} "
echo " Copyright - 2006 "
echo " ---------------------------------------------------"
echo " System specifics "
echo " "
echo " 1) Output directory: ${outdir}"
echo " 2) OS Version Number: ${version}"
echo " 3) System Name: ${sysname}"
echo " 4) Administrator's Name: ${adminname}"
echo " 5) Client's Name: ${clientname}"
echo " 6) Auditor's Full Name: ${auditorname}"
echo " 7) Server Information / Note To Auditor: ${servinfo}"
echo ""
echo -n " Is the above information correct? [y/n]: "
set ans=$<
#
if (!(($ans == "y") || ($ans == "Y"))) then
clear
goto systeminfo1
else
clear
goto Query
endif
systeminfo2:
clear
echo ""
echo " ---------------------------------------------------"
echo " Ernst & Young LLP "
echo " Copyright - 2006 "
echo " ---------------------------------------------------"
echo " Please enter some of the system specifics "
echo " "
echo -n " 1) Please enter a unique output folder name: "
set outfolder = $<
set outdir = ${basedir}/${outfolder}
echo -n " 2) What is the Operating System Version?: "
set version = $<
echo -n " 3) What is the System Hostname?: "
set sysname = $<
echo -n " 4) What is the Administrator's Name?: "
set adminname = $<
echo -n " 5) What is the Client's Name?: "
set clientname = $<
echo -n " 6) Enter Auditor's Full Name: "
set auditorname = $<
echo -n " 7) Enter Server Information / Note To Auditor: "
set servinfo = $<
clear
echo ""
echo " ---------------------------------------------------"
echo " Ernst & Young LLP Script - ${eyversion} "
echo " Copyright - 2006 "
echo " ---------------------------------------------------"
echo " System specifics "
echo " "
echo " 1) Output directory: ${outdir}"
echo " 2) OS Version Number: ${version}"
echo " 3) System Name: ${sysname}"
echo " 4) Administrator's Name: ${adminname}"
echo " 5) Client's Name: ${clientname}"
echo " 6) Auditor's Full Name: ${auditorname}"
echo " 7) Server Information / Note To Auditor: ${servinfo}"
echo ""
echo -n " Is the above information correct? [y/n]: "
set ans=$<
#
if (!(($ans == "y") || ($ans == "Y"))) then
clear
goto systeminfo2
else
clear
goto Query
endif
dbinfo:
clear
echo ""
echo " ---------------------------------------------------"
echo " Ernst & Young LLP "
echo " Copyright - 2006 "
echo " ---------------------------------------------------"
echo " Please enter the database connection information "
echo " ---------------------------------------------------"
echo " Please enter the database connection information "
echo " "
echo " THIS INFORMATION WILL NOT BE SAVED! "
echo ""
echo -n " 1) Please enter a unique output folder name: "
set outfolder = `head -1`
set outdir = ${basedir}/${outfolder}
echo -n " 2) What is the Database Administrator username?: "
set admin_name = `head -1`
echo -n " 3) What is the Database Administrator password?: "
set admin_pword = `head -1`
echo -n " 4) What is the Database Name?: "
set db_name = `head -1`
clear
echo ""
echo " ---------------------------------------------------"
echo " Ernst & Young LLP Script - ${eyversion} "
echo " Copyright - 2006 "
echo " ---------------------------------------------------"
echo " Database connection information "
echo " "
echo " 1) Output directory: ${outdir}"
echo " 2) Administrator Name: ${admin_name}"
echo " 3) Administrator Password: ${admin_pword}"
echo " 4) Database Name: ${db_name}"
echo ""
echo -n " Is the above information correct? [y/n]: "
set ans=$<
#
if (!(($ans == "y") || ($ans == "Y"))) then
clear
goto dbinfo
else
clear
goto Query
endif
Query:
echo ""
echo " ---------------------------------------------------"
echo " Ernst & Young LLP Script - ${eyversion} "
echo " Copyright - 2006 "
echo " ---------------------------------------------------"
echo " The query script is now running. Please wait..."
echo ""
echo ""
sleep 3
#*** Set up output formatting.
#
# This component of the script ensures that the output directory and files are resident on the system being reviewed.
#
if (!(-d ${basedir})) then
mkdir -p ${basedir}
chmod 700 ${basedir}
mkdir -p ${outdir}
chmod 700 ${outdir}
else
mkdir -p ${outdir}
chmod 700 ${outdir}
endif
if $case != 3 then
set INDEXO=${outdir}/${INDEXF}
set SYSTEMO=${outdir}/${SYSTEMF}
set SPECIFICO=${outdir}/${SPECIFICF}
set TEXTO=${outdir}/ey-${HOSTNAME}.txt
touch ${INDEXO}
touch ${SPECIFICO}
touch ${SYSTEMO}
# Add new html output files to the list here:
echo "<html><head><title>specific.out</title></head><body><h1>Specific to this flavor of UNIX</h1><pre>" > ${SPECIFICO}
echo "<html><head><title>system.out</title></head><body><h1>System files</h1><pre>" > ${SYSTEMO}
echo "<html><head><title>UNIX Script</title></head><body><h1>EY UNIX Script</h1>" > ${INDEXO}
# End of new html output files
# System specifics to include on index page
#
echo "${UNAMEa}<br>" >>& ${INDEXO}
echo "<b>OS Version:</b> ${version}<br>">>& ${INDEXO}
echo "<b>Adminstrator:</b> ${adminname}<br>">>& ${INDEXO}
echo "<b>Client:</b> ${clientname}<br>">>& ${INDEXO}
echo "<b>Auditor's Full Name:</b> ${auditorname}<br>">>& ${INDEXO}
echo "<b>EY Script Version Number:</b> ${eyversion}<br>">>& ${INDEXO}
echo "<b>Server Information / Note To Auditor:</b> ${servinfo}<br><br><ul>">>& ${INDEXO}
echo '<a name=TopOfIndex>' >>& ${INDEXO}
endif
# Script finds and displays .hushlogin files
#
echo '<a name=Hush>' >>& ${SYSTEMO}
echo "Displaying .hushlogin files" >>& ${SYSTEMO}
echo '**************************' >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
find / \( -fstype nfs -prune \) -o -name '.hushlogin' -exec ls -dal {} \; >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
# Script finds all .netrc files
#
echo '<a name=Netrc>' >>& ${SYSTEMO}
echo "Displaying .netrc files" >>& ${SYSTEMO}
echo '***********************' >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
find / \( -fstype nfs -prune \) -o -name '*.netrc' -exec /usr/bin/ls -al {} \; -exec cat {} \; >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
# Script finds and displays .rhost files
#
echo '<a name=Rhost>' >>& ${SYSTEMO}
echo "Displaying .rhosts files" >>& ${SYSTEMO}
echo '************************' >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
find / \( -fstype nfs -prune \) -o -name '*.rhosts' -print -exec ls -al {} \; -exec cat {} \; >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
# Script finds and displays unauthorized device files
#
echo '<a name=DeviceFiles>' >>& ${SYSTEMO}
echo "Displaying all device files" >>& ${SYSTEMO}
echo '************************************' >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
find / \( -fstype nfs -prune \) -o \( -type c -o -type b \) -exec ls -al {} \; >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
# Script shows all executable files
#
echo '<a name=ExecutableFiles>' >>& ${SYSTEMO}
echo "Displaying executable files" >>& ${SYSTEMO}
echo '***************************' >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
find / \( -fstype nfs -prune \) -o -type f \( -perm -100 -o -perm -010 -o -perm -001 \) -exec ls -al {} \; >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
# Script displays existence of SUID and SGID files
#
echo '<a name=SUID>' >>& ${SYSTEMO}
echo "Displaying SUID files" >>& ${SYSTEMO}
echo '*********************' >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
find / \( -fstype nfs -prune \) -o -type f -perm -4000 -exec ls -dal {} \; >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
echo "Displaying SGID files" >>& ${SYSTEMO}
echo '*********************' >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
find / \( -fstype nfs -prune \) -o -type f -perm -2000 -exec ls -dal {} \; >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
# Script displays files that are both world-writable and executable
#
echo '<a name=WorldWriteableFiles>' >>& ${SYSTEMO}
echo "Displaying files that are both world-writeable and executable" >>& ${SYSTEMO}
echo '*************************************************************' >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
find / \( -fstype nfs -prune \) -o -type f -perm -00003 -exec ls -al {} \; >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
# Script displays all world writable directories
#
echo '<a name=WorldWriteableDirs>' >>& ${SYSTEMO}
echo "Displaying world writable directories" >>& ${SYSTEMO}
echo '*************************************' >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
find / \( -fstype nfs -prune \) -o -type d -perm -2 -exec ls -dlL {} \; >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
# Script displays all world writable files
#
echo '<a name=WorldWriteableFiles2>' >>& ${SYSTEMO}
echo "Displaying world writable files" >>& ${SYSTEMO}
echo '*******************************' >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
find / \( -fstype nfs -prune \) -o -type f -perm -2 -exec ls -dlL {} \; >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
# Script displays open ports and open port numbers
#
echo '<a name=OpenPorts>' >>& ${SYSTEMO}
echo "Open ports" >>& ${SYSTEMO}
echo "Displaying netstat -a" >>& ${SYSTEMO}
echo '*********************' >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
netstat -a >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
#
echo "Open port numbers" >>& ${SYSTEMO}
echo "Displaying netstat -an" >>& ${SYSTEMO}
echo '**********************' >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
netstat -an >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
# Script displays file permissions of /dev
#
echo '<a name=PermissionsDev>' >>& ${SYSTEMO}
echo "Displaying file permissions of /dev" >>& ${SYSTEMO}
echo '***********************************' >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
if ( -d /dev) then
ls -al /dev >>& ${SYSTEMO}
else
echo "No /dev directory found" >>& ${SYSTEMO}
endif
echo '' >>& ${SYSTEMO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
# Script displays /etc/group file
#
echo '<a name=Group>' >>& ${SYSTEMO}
echo "Displaying /etc/group" >>& ${SYSTEMO}
echo '*********************' >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
if ( -f /etc/group) then
cat /etc/group >>& ${SYSTEMO}
else
echo "No /etc/group file found" >>& ${SYSTEMO}
endif
echo '' >>& ${SYSTEMO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
# Script shows user account information
#
echo '<a name=LoginDefs>' >>& ${SYSTEMO}
echo "Displaying /etc/login.defs" >>& ${SYSTEMO}
echo '**************************' >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
cat /etc/login.defs >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
# Displays sendmail configuration info
#
echo '<a name=SendmailConf>' >>& ${SYSTEMO}
echo "Displaying /etc/mail/sendmail.cf" >>& ${SYSTEMO}
echo '********************************' >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
if ( -f /etc/mail/sendmail.cf ) then
cat /etc/mail/sendmail.cf >>& ${SYSTEMO}
else
echo "No /etc/mail/sendmail.cf file found" >>& ${SYSTEMO}
endif
echo '' >>& ${SYSTEMO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
# Script displays /etc/named.conf file
#
echo '<a name=NamedConf>' >>& ${SYSTEMO}
echo "Displaying /etc/named.conf" >>& ${SYSTEMO}
echo '**************************' >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
if ( -f /etc/named.conf) then
cat /etc/named.conf >>& ${SYSTEMO}
else
echo "No /etc/named.conf file found" >>& ${SYSTEMO}
endif
echo '' >>& ${SYSTEMO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
# Script displays /etc/pam.d/system-auth file
#
echo '<a name=PamdSys>' >>& ${SYSTEMO}
echo "Displaying etc/pam.d/system-auth" >>& ${SYSTEMO}
echo '********************************' >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
if ( -f /etc/pam.d/system-auth ) then
cat /etc/pam.d/system-auth >>& ${SYSTEMO}
else
echo "No /etc/pam.d/system-auth file found" >>& ${SYSTEMO}
endif
echo '' >>& ${SYSTEMO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
# Script displays /etc/passwd file
#
echo '<a name=DisplayPasswdFile>' >>& ${SYSTEMO}
echo "Displaying /etc/passwd" >>& ${SYSTEMO}
echo '**********************' >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
if ( -f /etc/passwd) then
cat /etc/passwd >>& ${SYSTEMO}
else
echo "No /etc/passwd file found" >>& ${SYSTEMO}
endif
echo '' >>& ${SYSTEMO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
# Script displays /etc/profile file
#
echo '<a name=Profile>' >>& ${SYSTEMO}
echo "Displaying /etc/profile" >>& ${SYSTEMO}
echo '***********************' >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
if ( -f /etc/profile) then
cat /etc/profile >>& ${SYSTEMO}
else
echo "No /etc/profile file found" >>& ${SYSTEMO}
endif
echo '' >>& ${SYSTEMO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
# Script displays /etc/shadow file
#
echo '<a name=Shadow>' >>& ${SYSTEMO}
echo "Displaying /etc/shadow" >>& ${SYSTEMO}
echo '**********************' >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
if ( -f /etc/shadow) then
cat /etc/shadow >>& ${SYSTEMO}
else
echo "No /etc/shadow file found" >>& ${SYSTEMO}
endif
echo '' >>& ${SYSTEMO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
# Script displays /etc/shells file
#
echo '<a name=Shells>' >>& ${SYSTEMO}
echo "Displaying /etc/shells" >>& ${SYSTEMO}
echo '**********************' >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
if ( -f /etc/shells) then
cat /etc/shells >>& ${SYSTEMO}
else
echo "No /etc/shells file found" >>& ${SYSTEMO}
endif
echo '' >>& ${SYSTEMO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
# Script displays /etc/syslog.conf file
#
echo '<a name=Syslog>' >>& ${SYSTEMO}
echo "Displaying /etc/syslog.conf" >>& ${SYSTEMO}
echo '***************************' >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
if ( -f /etc/syslog.conf) then
cat /etc/syslog.conf >>& ${SYSTEMO}
else
echo "No /etc/syslog.conf file found" >>& ${SYSTEMO}
endif
echo '' >>& ${SYSTEMO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
# Script displays vsftpd.conf file
#
echo '<a name=VsftpdConf>' >>& ${SYSTEMO}
echo "Displaying /etc/vsftpd/vsftpd.conf" >>& ${SYSTEMO}
echo '************************************' >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
if ( -f /etc/vsftpd/vsftpd.conf) then
cat /etc/vsftpd/vsftpd.conf >>& ${SYSTEMO}
else
echo "No /etc/vsftpd/vsftpd.conf file found" >>& ${SYSTEMO}
endif
echo '' >>& ${SYSTEMO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
# Script displays /ftpusers file
#
echo '<a name=Ftpusers>' >>& ${SYSTEMO}
echo "Displaying contents of /ftpusers" >>& ${SYSTEMO}
echo '********************************' >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
find /etc \( -fstype nfs -prune \) -o -name ftpusers -exec cat {} \; >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
# Script checks for services
#
echo '<a name=ChkConfig>' >>& ${SYSTEMO}
echo "Displaying /sbin/chkconfig --list" >>& ${SYSTEMO}
echo '*********************************' >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
/sbin/chkconfig --list >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
# Displays 'ifconfig -a' to check for a promiscuous mode NIC
#
echo '<a name=Ifconfig>' >>& ${SYSTEMO}
echo "Displaying 'ifconfig -a'" >>& ${SYSTEMO}
echo '************************' >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
ifconfig -a >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
# Script displays /usr/bin/last file
#
echo '<a name=Last>' >>& ${SYSTEMO}
echo "Displaying /usr/bin/last" >>& ${SYSTEMO}
echo '************************' >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
last >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
echo "Displaying previous /usr/bin/last files" >>& ${SYSTEMO}
echo '***************************************' >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
if ( -f /var/log/wtmp.1 ) then
last -f /var/log/wtmp.* >>& ${SYSTEMO}
else
echo "No previous '/usr/bin/last' file found" >>& ${SYSTEMO}
endif
echo '' >>& ${SYSTEMO}
# Script displays ypcat passwd file
#
echo '<a name=Ypcat>' >>& ${SYSTEMO}
echo "Displaying ypcat passwd" >>& ${SYSTEMO}
echo '***********************' >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
ypcat passwd >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
# Script displays /var/log/messages
#
echo '<a name=Messages>' >>& ${SYSTEMO}
echo "Displaying /var/log/messages" >>& ${SYSTEMO}
echo '****************************' >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
if ( -f /var/log/messages ) then
cat /var/log/messages >>& ${SYSTEMO}
else
echo "No /var/log/messages file found" >>& ${SYSTEMO}
endif
echo '' >>& ${SYSTEMO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
# Script displays /var/log/secure file
#
echo '<a name=Secure>' >>& ${SYSTEMO}
echo "Displaying /var/log/secure" >>& ${SYSTEMO}
echo '**************************' >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
if ( -f /var/log/secure) then
cat /var/log/secure >>& ${SYSTEMO}
else
echo "No /var/log/secure file found" >>& ${SYSTEMO}
endif
echo '' >>& ${SYSTEMO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
# Script displays ftp configuration files
#
echo '<a name=Vsftpd>' >>& ${SYSTEMO}
echo "Displaying /etc/vsftpd.ftpusers" >>& ${SYSTEMO}
echo '*******************************' >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
if ( -f /etc/vsftpd.ftpusers ) then
cat /etc/vsftpd.ftpusers >>& ${SYSTEMO}
else
echo "No /etc/vsftpd.ftpusers file found" >>& ${SYSTEMO}
endif
echo '' >>& ${SYSTEMO}
echo "Displaying /etc/ftpaccess" >>& ${SYSTEMO}
echo '*************************' >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
if ( -f /etc/ftpaccess ) then
cat /etc/ftpaccess >>& ${SYSTEMO}
else
echo "No /etc/ftpaccess file found" >>& ${SYSTEMO}
endif
echo '' >>& ${SYSTEMO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
# Script finds all executable files and shows group permissions
#
# Access to Administration Tools and System Utilities Step 1
#
echo '<li><a href=specific.html#AdminTools2>Access to Administration Tools and System Utilities</a>' >>& ${INDEXO}
echo '<a name=AdminTools2>' >>& ${SPECIFICO}
echo "Access to Administration Tools and System Utilities Step 1" >>& ${SPECIFICO}
echo "See '<a href=system.html#ExecutableFiles>executable</a>' files in Section 2" >>& ${SPECIFICO}
echo '***********************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Access to Administration Tools and System Utilities Step 3
#
echo "Access to Administration Tools and System Utilities Step 3" >>& ${SPECIFICO}
echo "See '<a href=system.html#Group>/etc/group</a>' file in Section 2" >>& ${SPECIFICO}
echo '**********************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Script checks the BIND service and configuration file
#
# Access to DNS Queries Step 1
#
echo '<li><a href=specific.html#DnsQueries4>Access to DNS Queries</a>' >>& ${INDEXO}
echo '<a name=DnsQueries4>' >>& ${SPECIFICO}
echo "Access to DNS Queries Step 1" >>& ${SPECIFICO}
echo "See '<a href=system.html#OpenPorts>netstat -an</a>' file in Section 2" >>& ${SPECIFICO}
echo '***********************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Access to DNS Queries Step 2
#
echo "Access to DNS Queries Step 2" >>& ${SPECIFICO}
echo "See '<a href=system.html#NamedConf>/etc/named.conf</a>' file in Section 2" >>& ${SPECIFICO}
echo '***************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Script checks for FTP service
#
# Access to the FTP Service Step 1
#
echo '<li><a href=specific.html#FtpService>Access to the FTP Service</a>' >>& ${INDEXO}
echo '<a name=FtpService>' >>& ${SPECIFICO}
echo "Access to the FTP Service Step 1" >>& ${SPECIFICO}
echo "See '<a href=system.html#ChkConfig>chkconfig --list</a>' in Section 2" >>& ${SPECIFICO}
echo '***********************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Access to the FTP Service Step 2
#
echo "Access to the FTP Service Step 2" >>& ${SPECIFICO}
echo "See '<a href=system.html#Vsftpd>vsftpd.ftpusers</a>' in Section 2" >>& ${SPECIFICO}
echo '********************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Access to the FTP Service Step 2
#
echo "Access to the FTP Service Step 2" >>& ${SPECIFICO}
echo "See '<a href=system.html#Vsftpd>/ftpaccess</a>' in Section 2" >>& ${SPECIFICO}
echo '**************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Access to the FTP Service Step 2
#
echo "Access to the FTP Service Step 2" >>& ${SPECIFICO}
echo "See '<a href=system.html#Ftpusers>/ftpusers</a>' file in Section 2" >>& ${SPECIFICO}
echo '*************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Script checks if accounts can be locked
#
# Account Lockout Step 1
#
echo '<li><a href=specific.html#AccountLockout5>Account Lockout</a>' >>& ${INDEXO}
echo '<a name=AccountLockout5>' >>& ${SPECIFICO}
echo "Account Lockout Step 1" >>& ${SPECIFICO}
echo "Displaying /var/log/faillog" >>& ${SPECIFICO}
echo '***************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
if ( -f /var/log/faillog ) then
ls -al /var/log/faillog >>& ${SPECIFICO}
else
echo "No /var/log/faillog file found" >>& ${SPECIFICO}
endif
echo '' >>& ${SPECIFICO}
# Account Lockout Step 2
#
echo "Account Lockout Step 2" >>& ${SPECIFICO}
echo "Displaying login configuration files in /etc/pam.d" >>& ${SPECIFICO}
echo '**************************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
ls /etc/pam.d/gdm >>& ${SPECIFICO}
cat /etc/pam.d/gdm >>& ${SPECIFICO}
ls /etc/pam.d/ftp >>& ${SPECIFICO}
cat /etc/pam.d/ftp >>& ${SPECIFICO}
ls /etc/pam.d/login >>& ${SPECIFICO}
cat /etc/pam.d/login >>& ${SPECIFICO}
ls /etc/pam.d/rlogin >>& ${SPECIFICO}
cat /etc/pam.d/rlogin >>& ${SPECIFICO}
ls /etc/pam.d/sshd >>& ${SPECIFICO}
cat /etc/pam.d/sshd >>& ${SPECIFICO}
ls /etc/pam.d/system-auth >>& ${SPECIFICO}
cat /etc/pam.d/system-auth >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Script shows user accounts on the system
#
# Administration Roles Step 1
#
echo '<li><a href=specific.html#AdministrationRoles>Administration Roles</a>' >>& ${INDEXO}
echo '<a name=AdministrationRoles>' >>& ${SPECIFICO}
echo "Administration Roles Step 1" >>& ${SPECIFICO}
echo "See '<a href=system.html#DisplayPasswdFile>/etc/passwd</a>' file in Section 2" >>& ${SPECIFICO}
echo '***********************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Script checks for administrator remote login
#
# Administrator Login Over the Network Step 1
#
echo "Administrator Login Over the Network Step 1" >>& ${SPECIFICO}
echo "Displaying /etc/security/access.conf" >>& ${SPECIFICO}
echo '************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
if ( -f /etc/security/access.conf ) then
cat /etc/security/access.conf >>& ${SPECIFICO}
else
echo "No /etc/security/access.conf file found" >>& ${SPECIFICO}
endif
echo '' >>& ${SPECIFICO}
# Administrator Login Over the Network Step 2
#
echo "Administrator Login Over the Network Step 2" >>& ${SPECIFICO}
echo "See '<a href=system.html#Group>/etc/group</a>' file in Section 2" >>& ${SPECIFICO}
echo '**********************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Administrator Login Over the Network Step 3
#
echo "Administrator Login Over the Network Step 3" >>& ${SPECIFICO}
echo "See '<a href=system.html#Secure>/var/log/secure</a>' file in Section 2" >>& ${SPECIFICO}
echo '***************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
# Script checks for FTP service
#
# Anonymous Login to FTP Step 1
#
echo '<li><a href=specific.html#AnonymousLoginFTP2>Anonymous Login to FTP</a>' >>& ${INDEXO}
echo '<a name=AnonymousLoginFTP2>' >>& ${SPECIFICO}
echo "Anonymous Login to FTP Step 1" >>& ${SPECIFICO}
echo "See '<a href=system.html#ChkConfig>chkconfig --list</a>' in Section 2" >>& ${SPECIFICO}
echo '**********************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Anonymous Login to FTP Step 2
#
echo "Anonymous Login to FTP Step 2" >>& ${SPECIFICO}
echo "See '<a href=system.html#Vsftpd>vsftpd.ftpusers</a>' in Section 2" >>& ${SPECIFICO}
echo '********************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Anonymous Login to FTP Step 2
#
echo "Anonymous Login to FTP Step 2" >>& ${SPECIFICO}
echo "See '<a href=system.html#Vsftpd>/ftpaccess</a>' in Section 2" >>& ${SPECIFICO}
echo '**************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Anonymous Login to FTP Step 2
#
echo "Anonymous Login to FTP Step 2" >>& ${SPECIFICO}
echo "See '<a href=system.html#Ftpusers>/ftpusers</a>' file in Section 2" >>& ${SPECIFICO}
echo '*************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Script checks for scheduled cron jobs and backups
#
# Auditing: Backup and Restore Step 2
#
echo '<li><a href=specific.html#AuditBackup2>Auditing: Backup and Restore</a>' >>& ${INDEXO}
echo '<a name=AuditBackup2>' >>& ${SPECIFICO}
echo "Auditing: Backup and Restore Step 2" >>& ${SPECIFICO}
echo "Displaying /etc/crontab" >>& ${SPECIFICO}
echo '***********************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
cat /etc/crontab >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Auditing: Backup and Restore Step 3
#
echo "Auditing: Backup and Restore Step 3" >>& ${SPECIFICO}
echo "Displaying permissions of /var/spool/cron jobs" >>& ${SPECIFICO}
echo '**********************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
if ( -d /var/spool/cron ) then
ls -al /var/spool/cron >>& ${SPECIFICO}
else
echo "No /var/spool/cron directory found" >>& ${SPECIFICO}
endif
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Script checks permissions to the C compilers
#
# C Compiler Step 1
#
echo '<li><a href=specific.html#CCompiler>C Compiler</a>' >>& ${INDEXO}
echo '<a name=CCompiler>' >>& ${SPECIFICO}
echo "C Compiler Step 1" >>& ${SPECIFICO}
echo "Displaying permissions of /usr/bin/gcc" >>& ${SPECIFICO}
echo '**************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
if ( -f /usr/bin/gcc ) then
ls -al /usr/bin/gcc >>& ${SPECIFICO}
else
echo "No /usr/bin/gcc file found" >>& ${SPECIFICO}
endif
echo '' >>& ${SPECIFICO}
# C Compiler Step 1
#
echo "C Compiler Step 1" >>& ${SPECIFICO}
echo "Displaying permissions of /usr/bin/cc" >>& ${SPECIFICO}
echo '*************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
if ( -f /usr/bin/cc ) then
ls -al /usr/bin/cc >>& ${SPECIFICO}
else
echo "No /usr/bin/cc" >>& ${SPECIFICO}
endif
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Script checks log file for clock synchronization
#
# Clock Synchronization Step 1
#
echo '<li><a href=specific.html#ClockSynchornization3>Clock Synchronization</a>' >>& ${INDEXO}
echo '<a name=ClockSynchornization3>' >>& ${SPECIFICO}
echo "Clock Synchronization Step 1" >>& ${SPECIFICO}
echo "See '<a href=system.html#Messages>/var/log/messages</a>' file in Section 2" >>& ${SPECIFICO}
echo '*****************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Displays account access
#
# Command Line Access Step 1
#
echo '<li><a href=specific.html#CommandLineAccess12>Command Line Access</a>' >>& ${INDEXO}
echo '<a name=CommandLineAccess2>' >>& ${SPECIFICO}
echo "Command Line Access Step 1" >>& ${SPECIFICO}
echo "See '<a href=system.html#DisplayPasswdFile>/etc/passwd</a>' file in Section 2" >>& ${SPECIFICO}
echo '***********************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Command Line Access Step 2
#
echo "Command Line Access Step 2" >>& ${SPECIFICO}
echo "Displaying shell files for bash users" >>& ${SPECIFICO}
echo '*************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
find /home \( -fstype nfs -prune \) -o \( -name .bash_profile -o -name .bashrc \) -print -exec ls -al {} \; -exec cat {} \; >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Command Line Access Step 3
#
echo "Command Line Access Step 3" >>& ${SPECIFICO}
echo "Displaying shell files for korn, shell, bourne, and trusted users" >>& ${SPECIFICO}
echo '*****************************************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
find /home \( -fstype nfs -prune \) -o -name .profile -print -exec ls -al {} \; -exec cat {} \; >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Command Line Access Step 4
#
echo "Command Line Access Step 4" >>& ${SPECIFICO}
echo "Displaying shell files for c-shell users" >>& ${SPECIFICO}
echo '****************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
find /home \( -fstype nfs -prune \) -o \( -name .cshrc -o -name .login -o -name .logout \) -print -exec ls -al {} \; -exec cat {} \; >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Command Line Access Step 5
#
echo "Command Line Access Step 5" >>& ${SPECIFICO}
echo "See '<a href=system.html#Vsftpd>vsftpd.ftpusers</a>' in Section 2" >>& ${SPECIFICO}
echo '********************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Command Line Access Step 5
#
echo "Command Line Access Step 5" >>& ${SPECIFICO}
echo "See '<a href=system.html#Vsftpd>/ftpaccess</a>' in Section 2" >>& ${SPECIFICO}
echo '**************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Command Line Access Step 5
#
echo "Command Line Access Step 5" >>& ${SPECIFICO}
echo "See '<a href=system.html#Ftpusers>/ftpusers</a>' file in Section 2" >>& ${SPECIFICO}
echo '*********************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Script checks for SUID, SGID, and world-writable file/directory information
#
# Configuration Checklist Step 1
#
echo '<li><a href=specific.html#ConfigCheck>Configuration Checklist</a>' >>& ${INDEXO}
echo '<a name=ConfigCheck>' >>& ${SPECIFICO}
echo "Configuration Checklist Step 1" >>& ${SPECIFICO}
echo "See '<a href=system.html#SUID>SUID and SGID</a>' files in Section 2" >>& ${SPECIFICO}
echo '**************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Configuration Checklist Step 2
#
echo "Configuration Checklist Step 2" >>& ${SPECIFICO}
echo "See '<a href=system.html#WorldWriteableDirs>world writable directories</a>' in Section 2" >>& ${SPECIFICO}
echo '*********************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Configuration Checklist Step 2
#
echo "Configuration Checklist Step 2" >>& ${SPECIFICO}
echo "See '<a href=system.html#WorldWriteableFiles>world writable</a>' files in Section 2" >>& ${SPECIFICO}
echo '***************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Configuration Checklist Step 3
#
echo "Configuration Checklist Step 3" >>& ${SPECIFICO}
echo "<a href=system.html#Netstat>See 'netstat -a</a>' file in Section 2" >>& ${SPECIFICO}
echo '***********************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Script displays file permissions and contents of /etc/hosts.equiv
#
# Control Trust Relationships Step 1
#
echo '<li><a href=specific.html#ControlTrustRelationships>Control Trust Relationships</a>' >>& ${INDEXO}
echo '<a name=ControlTrustRelationships>' >>& ${SPECIFICO}
echo "Control Trust Relationships Step 1" >>& ${SPECIFICO}
echo "Displaying permissions and contents of /etc/hosts.equiv" >>& ${SPECIFICO}
echo '**********************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
if ( -f /etc/hosts.equiv ) then
ls -l /etc/hosts.equiv >>& ${SPECIFICO}
cat /etc/hosts.equiv >>& ${SPECIFICO}
else
echo "No /etc/hosts.equiv file found" >>& ${SPECIFICO}
endif
echo '' >>& ${SPECIFICO}
# Script finds all files with world writeable permissions
#
# Data File Permissions Step 1
#
echo '<li><a href=specific.html#DataFile>Data File Permissions</a>' >>& ${INDEXO}
echo '<a name=DataFile>' >>& ${SPECIFICO}
echo "Data File Permissions Step 1" >>& ${SPECIFICO}
echo "See '<a href=system.html#WorldWriteableFiles>world writable</a>' files in Section 2" >>& ${SPECIFICO}
echo '***************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Script displays password status for accounts and NIS/NIS+, if applicable
#
# Default Accounts Step 1
#
echo '<li><a href=specific.html#DefaultAccounts4>Default Accounts</a>' >>& ${INDEXO}
echo '<a name=DefaultAccounts4>' >>& ${SPECIFICO}
echo "Default Accounts Step 1" >>& ${SPECIFICO}
echo "See '<a href=system.html#Shadow>/etc/shadow</a>' file in Section 2" >>& ${SPECIFICO}
echo '***********************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Default Accounts Step 2
#
echo "Default Accounts Step 2" >>& ${SPECIFICO}
echo "See '<a href=system.html#Ypcat>/usr/bin/ypcat passwd</a>' file in Section 2" >>& ${SPECIFICO}
echo '************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Script displays system umask value and users utilizing other umask values
#
# Default Umask Value Step 1
#
echo '<li><a href=specific.html#DefaultUmaskValue5>Default Umask Value</a>' >>& ${INDEXO}
echo '<a name=DefaultUmaskValue5>' >>& ${SPECIFICO}
echo "Default Umask Value Step 1" >>& ${SPECIFICO}
echo "Displaying /etc/bashrc" >>& ${SPECIFICO}
echo '**********************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
if ( -f /etc/bashrc ) then
cat /etc/bashrc >>& ${SPECIFICO}
else
echo "No /etc/bashrc file found" >>& ${SPECIFICO}
endif
echo '' >>& ${SPECIFICO}
# Default Umask Value Step 1
#
echo "Default Umask Value Step 1" >>& ${SPECIFICO}
echo "See '<a href=system.html#Profile>/etc/profile</a>' file in Section 2" >>& ${SPECIFICO}
echo '************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Default Umask Value Step 2
#
echo "Default Umask Value Step 2" >>& ${SPECIFICO}
echo "Displaying user login scripts that define umask" >>& ${SPECIFICO}
echo '***********************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
/bin/grep -r umask /home/*/.bashrc >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Script shows OS system and program info
#
# Denial of Service Attacks Step 1
#
echo '<li><a href=specific.html#DenialOfServiceAttacks4>Denial of Service Attacks</a>' >>& ${INDEXO}
echo '<a name=DenialOfServiceAttacksStep1>' >>& ${SPECIFICO}
echo "Denial of Service Attacks Step 1" >>& ${SPECIFICO}
echo "Displaying /sbin/sysctl -a" >>& ${SPECIFICO}
echo '**************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
/sbin/sysctl -a >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Denial of Service Attacks Step 2
#
echo "Denial of Service Attacks Step 2" >>& ${SPECIFICO}
echo "Displaying /bin/rpm -qva" >>& ${SPECIFICO}
echo '************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
/bin/rpm -qva >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Script displays file permissions of device files
#
# Device Permissions Step 1
#
echo '<li><a href=specific.html#DevicePermissions4>Device Permissions</a>' >>& ${INDEXO}
echo '<a name=DevicePermissions4>' >>& ${SPECIFICO}
echo "Device Permissions Step 1" >>& ${SPECIFICO}
echo "See '<a href=system.html#PermissionsDev>file permissions of /dev</a>' in Section 2" >>& ${SPECIFICO}
echo '*******************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# # Device Permissions Step 2
#
echo "Device Permissions Step 2" >>& ${SPECIFICO}
echo "See 'all device files' in Section 2" >>& ${SPECIFICO}
echo "See '<a href=system.html#DeviceFiles>all device files</a>' in Section 2" >>& ${SPECIFICO}
echo '***********************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Script displays mounted directories
#
# Directories Mounted with the 'nosuid' Option Step 1
#
echo '<li><a href=specific.html#NoSuid3>Directories Mounted with the 'nosuid' Option</a>' >>& ${INDEXO}
echo '<a name=NoSuid3>' >>& ${SPECIFICO}
echo "Directories Mounted with the 'nosuid' Option Step 1" >>& ${SPECIFICO}
echo "Displaying /bin/mount" >>& ${SPECIFICO}
echo '*********************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
/bin/mount >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Script checks for and displays /etc/named.conf
#
# DNS Secure Updates Step 1
#
echo '<li><a href=specific.html#DnsSecure>DNS Secure Updates</a>' >>& ${INDEXO}
echo '<a name=DnsSecure>' >>& ${SPECIFICO}
echo "DNS Secure Updates Step 1" >>& ${SPECIFICO}
echo "See '<a href=system.html#NamedConf>/etc/named.conf</a>' file in Section 2" >>& ${SPECIFICO}
echo '***************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Script displays configuration file to review for access to DNS zone transfers
#
# DNS Zone Transfers Step 1
#
echo '<li><a href=specific.html#DnsZoneTransfers>DNS Zone Transfers</a>' >>& ${INDEXO}
echo '<a name=DnsZoneTransfers>' >>& ${SPECIFICO}
echo "DNS Zone Transfers Step 1" >>& ${SPECIFICO}
echo "See '<a href=system.html#NamedConf>/etc/named.conf</a>' file in Section 2" >>& ${SPECIFICO}
echo '****************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Displays /etc/shells file and /etc/passwd file to check for valid shells
#
# Domain-Wide NIS Access Step 1
#
echo '<li><a href=specific.html#DomainWideNISAccess>Domain-Wide NIS Access</a>' >>& ${INDEXO}
echo '<a name=DomainWideNISAccess>' >>& ${SPECIFICO}
echo "Domain-Wide NIS Access Step 1" >>& ${SPECIFICO}
echo "See '<a href=system.html#Shells>/etc/shells</a>' file in Section 2" >>& ${SPECIFICO}
echo '***********************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Domain-Wide NIS Access Step 2
#
echo "Domain-Wide NIS Access Step 2" >>& ${SPECIFICO}
echo "See '<a href=system.html#DisplayPasswdFile>/etc/passwd</a>' file in Section 2" >>& ${SPECIFICO}
echo '******************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Displays '/usr/bin/ypcat passwd' file to review for domain wide root accounts
#
# Domain-Wide Root Account Step 1
#
echo '<li><a href=specific.html#RootAccount>Domain-Wide Root Account</a>' >>& ${INDEXO}
echo '<a name=RootAccount>' >>& ${SPECIFICO}
echo "Domain-wide Root Account Step 1">>& ${SPECIFICO}
echo "See '<a href=system.html#Ypcat>ypcat passwd</a>' file in Section 2" >>& ${SPECIFICO}
echo '************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Script checks last user logins for dormant accounts
#
# Dormant Accounts Step 1
#
echo '<li><a href=specific.html#DormantAccounts2>Dormant Accounts</a>' >>& ${INDEXO}
echo '<a name=DormantAccounts2>' >>& ${SPECIFICO}
echo "Dormant Accounts Step 1" >>& ${SPECIFICO}
echo "See '<a href=system.html#Last>/usr/bin/last</a>' file in Section 2" >>& ${SPECIFICO}
echo '*************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Dormant Accounts Step 1
#
echo "Dormant Accounts Step 1" >>& ${SPECIFICO}
echo "See previous '<a href=system.html#Last>/usr/bin/last</a>' files in Section 2" >>& ${SPECIFICO}
echo '***********************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Script checks filesystem information
# Encrypt File System Step 1
#
echo '<li><a href=specific.html#EncryptFile>Encrypt File System</a>' >>& ${INDEXO}
echo '<a name=EncryptFile>' >>& ${SPECIFICO}
echo "Encrypt File System Step 1" >>& ${SPECIFICO}
echo "Displaying /etc/fstab" >>& ${SPECIFICO}
echo '*********************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
cat /etc/fstab >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Script shows event log statistics
#
# Event Log Disk Space Step 1
#
echo '<li><a href=specific.html#EventLog2>Event Log Disk Space</a>' >>& ${INDEXO}
echo '<a name=EventLog2>' >>& ${SPECIFICO}
echo "Event Log Disk Space Step 1" >>& ${SPECIFICO}
echo "Displaying df -k" >>& ${SPECIFICO}
echo '****************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
df -k >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Script checks for and displays /etc/exports
#
# Exported File Permissions Step 1
#
echo '<li><a href=specific.html#ExportedFilePermissions2>Exported File Permissions</a>' >>& ${INDEXO}
echo '<a name=ExportedFilePermissions2>' >>& ${SPECIFICO}
echo "Exported File Permissions Step 1" >>& ${SPECIFICO}
echo "Displaying /etc/exports" >>& ${SPECIFICO}
echo '***********************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
if ( -f /etc/exports ) then
cat /etc/exports >>& ${SPECIFICO}
else
echo "No /etc/exports file found" >>& ${SPECIFICO}
endif
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Script shows file permissions
#
# File Permissions Step 1
#
echo '<li><a href=specific.html#FilePermissions3>File Permissions</a>' >>& ${INDEXO}
echo '<a name=FilePermissions3>' >>& ${SPECIFICO}
echo "File Permissions Step 1" >>& ${SPECIFICO}
echo "Displaying root path variable" >>& ${SPECIFICO}
echo '*****************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
/bin/echo $PATH >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# File Permissions Step 2
#
echo "File Permissions Step 2" >>& ${SPECIFICO}
echo "See '<a href=system.html#WorldWriteableDirs>world writable directories</a>' in Section 2" >>& ${SPECIFICO}
echo '*********************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# File Permissions Step 4
#
echo "File Permissions Step 4" >>& ${SPECIFICO}
echo "See '<a href=system.html#WorldWriteableFiles>world writable and executable</a>' files in Section 2" >>& ${SPECIFICO}
echo '******************************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Script checks for FTP Logging
# FTP Logging Step 1
#
echo '<li><a href=specific.html#FtpLogging2>FTP Logging</a>' >>& ${INDEXO}
echo '<a name=FtpLogging2>' >>& ${SPECIFICO}
echo "FTP Logging Step 1" >>& ${SPECIFICO}
echo "See '/etc/vsftpd/vsftpd.conf' file in Section 2" >>& ${SPECIFICO}
echo '***********************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# FTP Logging Step 1
#
echo "FTP Logging Step 1" >>& ${SPECIFICO}
echo "See '<a href=system.html#Vsftpd>/ftpaccess</a>' in Section 2" >>& ${SPECIFICO}
echo '**************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# FTP Logging Step 1
#
echo "FTP Logging Step 1" >>& ${SPECIFICO}
echo "Displaying /etc/xinetd.d/wu-ftpd" >>& ${SPECIFICO}
echo '********************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
cat /etc/xinetd.d/wu-ftpd >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Displays different account information to check for generic accounts
#
# Generic Accounts Step 1
#
echo '<li><a href=specific.html#GenericAccounts>Generic Accounts</a>' >>& ${INDEXO}
echo '<a name=GenericAccounts>' >>& ${SPECIFICO}
echo "Generic Accounts Step 1" >>& ${SPECIFICO}
echo "See '<a href=system.html#DisplayPasswdFile>/etc/passwd</a>' file in Section 2" >>& ${SPECIFICO}
echo '***********************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Generic Accounts Step 1
#
echo "Generic Accounts Step 1" >>& ${SPECIFICO}
echo "See '<a href=system.html#Ypcat>ypcat passwd</a>' file in Section 2" >>& ${SPECIFICO}
echo '************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Generic Accounts Step 2
#
echo "Generic Accounts Step 2" >>& ${SPECIFICO}
echo "See '<a href=system.html#Rosts>.rhosts</a>' files in Section 2" >>& ${SPECIFICO}
echo '********************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Generic Accounts Step 3
#
echo "Generic Accounts Step 3" >>& ${SPECIFICO}
echo "See '<a href=system.html#Secure>/var/adm/secure</a>' file in Section 2" >>& ${SPECIFICO}
echo '**************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
cat /var/adm/secure >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Displays /etc/group file to be reviewed for group membership
#
# Group Management Step 1
#
echo '<li><a href=specific.html#GroupManagement>Group Management</a>' >>& ${INDEXO}
echo '<a name=GroupManagement>' >>& ${SPECIFICO}
echo "Group Management Step 1" >>& ${SPECIFICO}
echo "See '<a href=system.html#Group>/etc/group</a>' file in Section 2" >>& ${SPECIFICO}
echo '**********************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Displays etc/group file to be reviewed for group membership
#
# Group Membership Step 1
#
echo '<li><a href=specific.html#GroupMembership>Group Membership</a>' >>& ${INDEXO}
echo '<a name=GroupMembership>' >>& ${SPECIFICO}
echo "Group Membership Step 1" >>& ${SPECIFICO}
echo "See '<a href=system.html#passwd>/etc/passwd</a>' file in Section 2" >>& ${SPECIFICO}
echo '**********************************' >>& ${SPECIFICO}
echo "Group Membership Step 2" >>& ${SPECIFICO}
echo "See '<a href=system.html#Group>/etc/group</a>' file in Section 2" >>& ${SPECIFICO}
echo '**********************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Displays session and timeout information
#
# Idle Session Timeout Step 1
#
echo '<li><a href=specific.html#IdleSession2>Idle Session Timeout</a>' >>& ${INDEXO}
echo '<a name=IdleSession2>' >>& ${SPECIFICO}
echo "Idle Session Timeout Step 1" >>& ${SPECIFICO}
echo "See '<a href=system.html#DisplayPasswdFile>/etc/passwd</a>' file in Section 2" >>& ${SPECIFICO}
echo '***********************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Idle Session Timeout Step 2
#
echo "Idle Session Timeout Step 2" >>& ${SPECIFICO}
echo "See '<a href=system.html#Profile>/etc/profile</a>' file in Section 2" >>& ${SPECIFICO}
echo '*******************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Idle Session Timeout Step 3
#
echo "Idle Session Timeout Step 3" >>& ${SPECIFICO}
echo "Displaying user login scripts that utilize an alternative timeout" >>& ${SPECIFICO}
echo '*****************************************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
/bin/grep -r TMOUT /home/ >>& ${SPECIFICO}
/bin/grep -r TIMEOUT /home/ >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Displays sendmail configuration info
#
# Insecure Sendmail Options Step 1
#
echo '<li><a href=specific.html#InsecureMail>Insecure Sendmail Options</a>' >>& ${INDEXO}
echo '<a name=InsecureMail>' >>& ${SPECIFICO}
echo "Insecure Sendmail Options Step 1" >>& ${SPECIFICO}
echo "See '<a href=system.html#SendmailConf>/etc/mail/sendmail.cf</a>' file in Section 2" >>& ${SPECIFICO}
echo '*********************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SYSTEMO}
echo '' >>& ${SYSTEMO}
# Script shows user account information
#
# Issuance of User IDs Step 1
#
echo '<li><a href=specific.html#IssuanceUserIds4>Issuance of User IDs</a>' >>& ${INDEXO}
echo '<a name=IssuanceUserIds4>' >>& ${SPECIFICO}
echo "Issuance of User IDs Step 1" >>& ${SPECIFICO}
echo "See '<a href=system.html#LoginDefs>/etc/login.defs</a>' file in Section 2" >>& ${SPECIFICO}
echo '***************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Issuance of User IDs Step 2
#
echo "Issuance of User IDs Steps 2" >>& ${SPECIFICO}
echo "See '<a href=system.html#Shadow>/etc/shadow</a>' file in Section 2" >>& ${SPECIFICO}
echo '***********************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Issuance of User IDs Step 3
#
echo "Issuance of User IDs Step 3" >>& ${SPECIFICO}
echo "Displaying '<a href=system.html#DisplayPasswdFile>/etc/passwd</a>' file in Section 2" >>& ${SPECIFICO}
echo '***********************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Script shows welcome banner configurations
#
# Legal Caption Step 1
#
echo '<li><a href=specific.html#LegalCaption3>Legal Caption</a>' >>& ${INDEXO}
echo '<a name=LegalCaption3>' >>& ${SPECIFICO}
echo "Legal Caption Step 1" >>& ${SPECIFICO}
echo "See '<a href=system.html#ChkConfig>/sbin/chkconfig --list</a>' file in Section 2" >>& ${SPECIFICO}
echo '**********************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Legal Caption Step 2
#
echo "Legal Caption Step 2" >>& ${SPECIFICO}
echo "Displaying /etc/issue.net" >>& ${SPECIFICO}
echo '*************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
cat /etc/issue.net >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Legal Caption Step 4
#
echo "Legal Caption Step 4" >>& ${SPECIFICO}
echo "Displaying /etc/issue" >>& ${SPECIFICO}
echo '*********************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
cat /etc/issue >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Legal Caption Step 5
#
echo "Legal Caption Step 5" >>& ${SPECIFICO}
echo "Displaying /etc/motd" >>& ${SPECIFICO}
echo '********************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
cat /etc/motd >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Script displays log file information and configuration to verify logging events
#
# Log Security Events Step 1
#
echo '<li><a href=specific.html#LogSecurityEvents4>Log Security Events</a>' >>& ${INDEXO}
echo '<a name=LogSecurityEvents4>' >>& ${SPECIFICO}
echo "Log Security Events Step 1" >>& ${SPECIFICO}
echo "See '<a href=system.html#Syslog>/etc/syslog.conf</a>' file in Section 2" >>& ${SPECIFICO}
echo '****************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Log Security Events Step 3
#
echo "Log Security Events Step 3" >>& ${SPECIFICO}
echo "See '<a href=system.html#Secure>/var/log/secure</a>' file in Section 2" >>& ${SPECIFICO}
echo '***************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Log Security Events Step 3
#
echo "Log Security Events Step 3" >>& ${SPECIFICO}
echo "See '<a href=system.html#Messages>/var/log/messages</a>' file in Section 2" >>& ${SPECIFICO}
echo '*****************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Log Security Events Step 3
#
echo "Log Security Events Step 3" >>& ${SPECIFICO}
echo "Displaying /usr/bin/lastlog" >>& ${SPECIFICO}
echo '***************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
/usr/bin/lastlog >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Log Security Events Step 4
#
echo "Log Security Events Step 4" >>& ${SPECIFICO}
echo "Displaying /usr/bin/w" >>& ${SPECIFICO}
echo '*********************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
/usr/bin/w >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo "Displaying /usr/bin/who" >>& ${SPECIFICO}
echo '***********************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
/usr/bin/who >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo "Displaying /usr/bin/finger" >>& ${SPECIFICO}
echo '**************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
/usr/bin/finger >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo "Displaying /usr/bin/rwho" >>& ${SPECIFICO}
echo '************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
/usr/bin/rwho >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo "Displaying /usr/bin/users" >>& ${SPECIFICO}
echo '*************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
/usr/bin/users >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Log Security Events Step 5
#
echo "Log Security Events Step 5" >>& ${SPECIFICO}
echo "See '<a href=system.html#Last>/usr/bin/last</a>' file in Section 2" >>& ${SPECIFICO}
echo '*************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Script displays memory dump setting
#
# Memory Dump Files Step 1
#
echo '<li><a href=specific.html#MemoryDumps3>Memory Dump Files</a>' >>& ${INDEXO}
echo '<a name=MemoryDumps3>' >>& ${SPECIFICO}
echo "Memory Dump Files Step 1" >>& ${SPECIFICO}
echo "See '<a href=system.html#Profile>/etc/profile</a>' file in Section 2" >>& ${SPECIFICO}
echo '************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Script finds all .netrc files
#
# .netrc Files Step 1
#
echo '<a name=Netrc>' >>& ${SPECIFICO}
echo ".netrc Files Step 1" >>& ${SPECIFICO}
echo "See '.netrc' files in Section 2" >>& ${SPECIFICO}
echo '*******************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Script shows OS system and program info
#
# Network Device Configuration Step 1
#
echo '<li><a href=specific.html#NetworkDevice>Network Device Configuration</a>' >>& ${INDEXO}
echo '<a name=NetworkDevice>' >>& ${SPECIFICO}
echo "Network Device Configuration Step 1" >>& ${SPECIFICO}
echo "Displaying /bin/rpm -qva" >>& ${SPECIFICO}
echo '************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
/bin/rpm -qva >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Network Device Configuration Step 2
#
echo "Network Device Configuration Step 2" >>& ${SPECIFICO}
echo "Displaying /sbin/sysctl -a" >>& ${SPECIFICO}
echo '**************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
/sbin/sysctl -a >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Displays 'ifconfig -a' to check for a promiscuous mode NIC
#
# Network Interface Card and Promiscuous Mode Step 1
#
echo '<li><a href=specific.html#Promiscuous>Network Interface Card and Promiscuous Mode</a>' >>& ${INDEXO}
echo '<a name=Promiscuous>' >>& ${SPECIFICO}
echo "Network Interface Card and Promiscuous Mode Step 1" >>& ${SPECIFICO}
echo "See '<a href=system.html#Ifconfig>ifconfig -a</a>' file in Section 2" >>& ${SPECIFICO}
echo '***********************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Script shows executable file permissions and group membership
#
# Network Interface Packet Sniffing Step 1
#
echo '<li><a href=specific.html#NetworkInterface>Network Interface Packet Sniffing</a>' >>& ${INDEXO}
echo '<a name=NetworkInterface>' >>& ${SPECIFICO}
echo "Network Interface Packet Sniffing Step 1" >>& ${SPECIFICO}
echo "See '<a href=system.html#ExecutableFiles>executable</a>' files in Section 2" >>& ${SPECIFICO}
echo '***********************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Network Interface Packet Sniffing Step 3
#
echo "Network Interface Packet Sniffing Step 3" >>& ${SPECIFICO}
echo "See '<a href=system.html#Group>/etc/group</a>' file in Section 2" >>& ${SPECIFICO}
echo '**********************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Displays existence of '.hushlogin' files
#
# Notification of Last Login Step 1
#
echo '<li><a href=specific.html#LastLogin>Notification of Last Login</a>' >>& ${INDEXO}
echo '<a name=LastLogin>' >>& ${SPECIFICO}
echo "Notification of Last Login Step 1" >>& ${SPECIFICO}
echo "See '<a href=system.html#Hush>hushlogin</a>' files in Section 2" >>& ${SPECIFICO}
echo '************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Script checks packages installed on system
# Package Selection Step 1
#
echo '<li><a href=specific.html#PackageSelect>Package Selection</a>' >>& ${INDEXO}
echo '<a name=PackageSelect>' >>& ${SPECIFICO}
echo "Package Selection Step 1" >>& ${SPECIFICO}
echo "Displaying /bin/rpm -qa" >>& ${SPECIFICO}
echo '************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
/bin/rpm -qa >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Script shows user account information
#
# Password Composition Step 1
#
echo '<li><a href=specific.html#PasswordComposition4>Password Composition</a>' >>& ${INDEXO}
echo '<a name=PasswordComposition4>' >>& ${SPECIFICO}
echo "Password Composition Step 1" >>& ${SPECIFICO}
echo "See '<a href=system.html#LoginDefs>/etc/login.defs</a>' file in Section 2" >>& ${SPECIFICO}
echo '***************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Password Composition Step 2
#
echo "Password Composition Step 2" >>& ${SPECIFICO}
echo "See '<a href=system.html#PamdSys>/etc/pam.d/system-auth' file in Section 2" >>& ${SPECIFICO}
echo '*********************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Script shows user account information
#
# Password Expiration Step 1
#
echo '<li><a href=specific.html#PasswordExpiration5>Password Expiration</a>' >>& ${INDEXO}
echo '<a name=PasswordExpiration5>' >>& ${SPECIFICO}
echo "Password Expiration Step 1" >>& ${SPECIFICO}
echo "See '<a href=system.html#LoginDefs>/etc/login.defs</a>' file in Section 2" >>& ${SPECIFICO}
echo '***************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Script shows user account information
#
# Password History Step 2
#
echo '<li><a href=specific.html#PasswordHistory4>Password History</a>' >>& ${INDEXO}
echo '<a name=PasswordHistory4>' >>& ${SPECIFICO}
echo "Password History Step 2" >>& ${SPECIFICO}
echo "See '<a href=system.html#PamdSys>/etc/pam.d/system-auth</a>' file in Section 2" >>& ${SPECIFICO}
echo '*********************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Password History Step 3
#
echo "Password History Step 3" >>& ${SPECIFICO}
echo "Displaying permissions of /etc/security/opasswd" >>& ${SPECIFICO}
echo '***********************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
if ( -f /etc/security/opasswd ) then
ls -al /etc/security/opasswd >>& ${SPECIFICO}
else
echo "No /etc/security/opasswd file found" >>& ${SPECIFICO}
endif
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Script checks if /etc/passwd and /etc/shadow exist and their contents
#
# Password Storage Step 1
#
echo '<li><a href=specific.html#PasswordStorage3>Password Storage</a>' >>& ${INDEXO}
echo '<a name=PasswordStorage3>' >>& ${SPECIFICO}
echo "Password Storage Step 1" >>& ${SPECIFICO}
echo "Displaying permissions /etc/passwd" >>& ${SPECIFICO}
echo '**********************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
if ( -f /etc/passwd ) then
ls -al /etc/passwd >>& ${SPECIFICO}
else
echo "No /etc/passwd file found" >>& ${SPECIFICO}
endif
echo '' >>& ${SPECIFICO}
# Password Storage Step 1
#
echo "Password Storage Step 1" >>& ${SPECIFICO}
echo "See '<a href=system.html#DisplayPasswdFile>/etc/passwd</a>' file in Section 2" >>& ${SPECIFICO}
echo '***********************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Password Storage Step 2
#
echo "Password Storage Step 2" >>& ${SPECIFICO}
echo "Displaying permissions /etc/shadow" >>& ${SPECIFICO}
echo '**********************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
if ( -f /etc/shadow ) then
ls -al /etc/shadow >>& ${SPECIFICO}
else
echo "No /etc/shadow file found" >>& ${SPECIFICO}
endif
echo '' >>& ${SPECIFICO}
# Password Storage Step 2
#
echo "Password Storage Step 2" >>& ${SPECIFICO}
echo "See '<a href=system.html#Shadow>/etc/shadow</a>' file in Section 2" >>& ${SPECIFICO}
echo '***********************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Displays user and group account information
#
# Powerful Group Membership Step 1
#
echo '<li><a href=specific.html#PowerfulGroupMembership>Powerful Group Membership</a>' >>& ${INDEXO}
echo '<a name=PowerfulGroupMembership>' >>& ${SPECIFICO}
echo "Powerful Group Membership Step 1" >>& ${SPECIFICO}
echo "See '<a href=system.html#DisplayPasswdFile>/etc/passwd</a>' file in Section 2" >>& ${SPECIFICO}
echo '***********************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Powerful Group Membership Step 1
#
echo "Powerful Group Membership Step 1" >>& ${SPECIFICO}
echo "See '<a href=system.html#Group>/etc/group</a>' file in Section 2" >>& ${SPECIFICO}
echo '**********************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Script shows permissions for printer spool directories
#
# Print Spool Directories Step 1
#
echo '<li><a href=specific.html#PrintSpool5>Print Spool Directories</a>' >>& ${INDEXO}
echo '<a name=PrintSpool5>' >>& ${SPECIFICO}
echo "Print Spool Directories Step 1" >>& ${SPECIFICO}
echo "Displaying permissions of /var/spool" >>& ${SPECIFICO}
echo '************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
/bin/ls -l /var/spool >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Script displays root account information
#
# Privileged Accounts / Root Login at Console Step 1
#
echo '<li><a href=specific.html#RootLogin4>Privileged Accounts / Root Login at Console</a>' >>& ${INDEXO}
echo '<a name=RootLogin4>' >>& ${SPECIFICO}
echo "Privileged Accounts / Root Login at Console Step 1" >>& ${SPECIFICO}
echo "Displaying /etc/security/access.conf" >>& ${SPECIFICO}
echo '************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
cat /etc/security/access.conf >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Privileged Accounts / Root Login at Console Step 2
#
echo "Privileged Accounts / Root Login at Console Step 2" >>& ${SPECIFICO}
echo "See '<a href=system.html#Group>/etc/group</a>' file in Section 2" >>& ${SPECIFICO}
echo '**********************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Privileged Accounts / Root Login at Console Step 3
#
echo "Privileged Accounts / Root Login at Console Step 3" >>& ${SPECIFICO}
echo "See '<a href=system.html#Secure>/var/log/secure</a>' file in Section 2" >>& ${SPECIFICO}
echo '***************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Script displays account information
#
# Privileged Accounts Step 1
#
echo '<li><a href=specific.html#PrivilegedAccounts3>Privileged Accounts</a>' >>& ${INDEXO}
echo '<a name=PrivilegedAccounts3>' >>& ${SPECIFICO}
echo "Privleged Accounts Step 1" >>& ${SPECIFICO}
echo "See '<a href=system.html#FindPasswdFile>/etc/passwd</a>' file in Section 2" >>& ${SPECIFICO}
echo '***********************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Privileged Accounts Step 2
#
echo "Privileged Accounts Step 2" >>& ${SPECIFICO}
echo "See '<a href=system.html#Group>/etc/group</a>' file in Section 2" >>& ${SPECIFICO}
echo '**********************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Script shows executable file permissions and group membership
#
# Program File Permissions Step 1
#
echo '<li><a href=specific.html#ProgFilePermissions2>Program File Permissions</a>' >>& ${INDEXO}
echo '<a name=ProgFilePermissions2>' >>& ${SPECIFICO}
echo "Program File Permissions Step 1" >>& ${SPECIFICO}
echo "See '<a href=system.html#ExecutableFiles>executable</a>' files in Section 2" >>& ${SPECIFICO}
echo '***********************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Program File Permissions Step 3
#
echo "Program File Permissions Step 3" >>& ${SPECIFICO}
echo "See '<a href=system.html#Group>/etc/group</a>' file in Section 2" >>& ${SPECIFICO}
echo '**********************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Script checks for unencrypted services
#
# Protection of Authentication Data Step 1
#
echo '<li><a href=specific.html#ProtectData2>Protection of Authentication Data</a>' >>& ${INDEXO}
echo '<a name=ProtectData2>' >>& ${SPECIFICO}
echo "Protection of Authentication Data Step 1" >>& ${SPECIFICO}
echo "See '<a href=system.html#ChkConfig>/sbin/chkconfig --list</a>' in Section 2" >>& ${SPECIFICO}
echo '**********************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Protection of Authentication Data Step 2
#
echo "Protection of Authentication Data Step 2" >>& ${SPECIFICO}
echo "<a href=system.html#Netstat>See 'netstat -a</a>' file in Section 2" >>& ${SPECIFICO}
echo '**********************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Script checks for remote trusted r-services
#
# Remote Trusted r- Services Step 1
#
echo '<li><a href=specific.html#RServices3>Remote Trusted r- Services</a>' >>& ${INDEXO}
echo '<a name=RServices3>' >>& ${SPECIFICO}
echo "Remote Trusted r- Services Step 1" >>& ${SPECIFICO}
echo "See '<a href=system.html#ChkConfig>/sbin/chkconfig --list</a>' in Section 2" >>& ${SPECIFICO}
echo '**********************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Script checks for scheduled cron jobs and backups
#
# Review Audit Log Step 1
#
echo '<li><a href=specific.html#ReviewLog>Review Audit Log</a>' >>& ${INDEXO}
echo '<a name=ReviewLog>' >>& ${SPECIFICO}
echo "Review Audit Log Step 1" >>& ${SPECIFICO}
echo "Displaying ps -axu | grep syslogd" >>& ${SPECIFICO}
echo '*********************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
ps -axu | grep syslogd >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Review Audit Log Step 2
#
echo "Review Audit Log Step 2" >>& ${SPECIFICO}
echo "Displaying permissions of /var/log" >>& ${SPECIFICO}
echo '**********************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
if ( -f /var/log ) then
ls -al /var/log >>& ${SPECIFICO}
else
echo "No /var/log vile found found" >>& ${SPECIFICO}
endif
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Script shows user account information
#
# Root Access Step 1
#
echo '<li><a href=specific.html#RootAcess2>Root Access</a>' >>& ${INDEXO}
echo '<a name=RootAccess2>' >>& ${SPECIFICO}
echo "Root Access Step 1" >>& ${SPECIFICO}
echo "See '<a href=system.html#DisplayPasswdFile>/etc/passwd</a>' file in Section 2" >>& ${SPECIFICO}
echo '***********************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Root Access Step 1
#
echo "Root Access Step 1" >>& ${SPECIFICO}
echo "See '<a href=system.html#Secure>/var/log/secure</a>' in Section 2" >>& ${SPECIFICO}
echo '***************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Script checks for root FTP access
# Root Login to FTP Step 1
#
echo '<li><a href=specific.html#RootFtp2>Root Login to FTP</a>' >>& ${INDEXO}
echo '<a name=RootFtp2>' >>& ${SPECIFICO}
echo "Root Login to FTP Step 1" >>& ${SPECIFICO}
echo "See '<a href=system.html#VsftpdConf>/etc/vsftpd/vsftpd.conf' in Section 2" >>& ${SPECIFICO}
echo '***********************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Root Login to FTP Step 2
#
echo "Root Login to FTP Step 2" >>& ${SPECIFICO}
echo "Displaying /etc/vsftpd.user_list" >>& ${SPECIFICO}
echo '********************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
if ( -f /etc/vsftpd.user_list ) then
cat /etc/vsftpd.user_list >>& ${SPECIFICO}
else
echo "No /etc/vsftpd.user_list file found" >>& ${SPECIFICO}
endif
echo '' >>& ${SPECIFICO}
# Root Login to FTP Step 1
#
echo "Root Login to FTP Step 1" >>& ${SPECIFICO}
echo "See '<a href=system.html#Vsftpd>/ftpaccess</a>' in Section 2" >>& ${SPECIFICO}
echo '**************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Script shows SSH login information
#
# Root Login to SSH Step 1
#
echo '<li><a href=specific.html#RootSsh>Root Login to SSH Step 1</a>' >>& ${INDEXO}
echo '<a name=RootSsh>' >>& ${SPECIFICO}
echo "Root Login to SSH Step 1" >>& ${SPECIFICO}
echo "Displaying /etc/ssh/sshd_config | grep PermitRootLogin" >>& ${SPECIFICO}
echo '**************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
cat /etc/ssh/sshd_config | grep PermitRootLogin >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Script shows telnet root login information
#
# Root Login to Telnet Step 1
#
echo '<li><a href=specific.html#RootTelnet>Root Login to Telnet</a>' >>& ${INDEXO}
echo '<a name=RootTelnet>' >>& ${SPECIFICO}
echo "Root Login to Telnet Step 1" >>& ${SPECIFICO}
echo "Displaying /etc/securetty" >>& ${SPECIFICO}
echo '*************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
cat /etc/securetty >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Script shows root startup permissions
#
# Root Startup File Permissions Step 1
#
echo '<li><a href=specific.html#RootStartup3>Root Startup File Permissions</a>' >>& ${INDEXO}
echo '<a name=RootStartup3>' >>& ${SPECIFICO}
echo "Root Startup File Permissions Step 1" >>& ${SPECIFICO}
echo "Displaying permissions of /root/.*" >>& ${SPECIFICO}
echo '**********************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
ls -al /root/.* >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Root Startup File Permissions Step 2
#
echo "Root Startup File Permissions Step 2" >>& ${SPECIFICO}
echo "See '<a href=system.html#DisplayPasswdFile>/etc/passwd</a>' file in Section 2" >>& ${SPECIFICO}
echo '***********************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Script shows root user path variable information
#
# Root User Path Variable Step 1
#
echo '<li><a href=specific.html#RootPath3>Root User Path Variable</a>' >>& ${INDEXO}
echo '<a name=RootPath3>' >>& ${SPECIFICO}
echo "Root User Path Variable Step 1" >>& ${SPECIFICO}
echo "Displaying root path variable" >>& ${SPECIFICO}
echo '*****************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
/bin/echo $PATH >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Displays /usr/bin/rpcinfo file to check for RPC network services
#
# RPC Services Step 1
#
echo '<li><a href=specific.html#Rpc>RPC Services</a>' >>& ${INDEXO}
echo '<a name=Rpc>' >>& ${SPECIFICO}
echo "RPC Services Step 1" >>& ${SPECIFICO}
echo "Displaying /usr/bin/rpcinfo" >>& ${SPECIFICO}
echo '***************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
rpcinfo -p localhost >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Displays BIND status
#
# Run BIND With Non-Root Privlege Step 1
#
echo '<li><a href=specific.html#RunBind>Run BIND With Non-Root Privlege</a>' >>& ${INDEXO}
echo '<a name=RunBind>' >>& ${SPECIFICO}
echo "Run BIND With Non-root Privlege Step 1" >>& ${SPECIFICO}
echo "Displaying ps -ef | grep named" >>& ${SPECIFICO}
echo '******************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
ps -ef | grep named >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Script shows printer access and permissions
#
# Securing Printing Step 1
#
echo '<li><a href=specific.html#SecurePrint2>Securing Printing</a>' >>& ${INDEXO}
echo '<a name=SecurePrint2>' >>& ${SPECIFICO}
echo "Securing Printing Step 1" >>& ${SPECIFICO}
echo "Displaying permissions and contents of /etc/hosts.equiv" >>& ${SPECIFICO}
echo '*******************************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
if ( -f /etc/hosts.equiv ) then
ls -l /etc/hosts.equiv >>& ${SPECIFICO}
cat /etc/hosts.equiv >>& ${SPECIFICO}
else
echo "No /etc/hosts.equiv file found" >>& ${SPECIFICO}
endif
echo '' >>& ${SPECIFICO}
# Securing Printing Step 1
#
echo "Securing Printing Step 1" >>& ${SPECIFICO}
echo "Displaying permissions and contents of /etc/hosts.lpd" >>& ${SPECIFICO}
echo '*****************************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
if ( -f /etc/hosts.lpd ) then
ls -l /etc/hosts.lpd >>& ${SPECIFICO}
cat /etc/hosts.lpd >>& ${SPECIFICO}
else
echo "No /etc/hosts.lpd file found" >>& ${SPECIFICO}
endif
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Displays permissions of sendmail.cf file
#
# Security of Sendmail.cf File Step 1
#
echo '<li><a href=specific.html#SendmailCf>Security of Sendmail.cf File</a>' >>& ${INDEXO}
echo '<a name=SendmailCf>' >>& ${SPECIFICO}
echo "Security of Sendmail.cf File Step 1" >>& ${SPECIFICO}
echo "Displaying permissions of /etc/mail/sendmail.cf" >>& ${SPECIFICO}
echo '***********************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
ls -la /etc/mail/sendmail.cf >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Displays /etc/mail/sendmail.cf to check for trusted clients
#
# Sendmail Trusted Clients Step 1
#
echo '<li><a href=specific.html#SendmailTrusted>Sendmail Trusted Clients</a>' >>& ${INDEXO}
echo '<a name=SendmailTrusted>' >>& ${SPECIFICO}
echo "Sendmail Trusted Clients Step 1" >>& ${SPECIFICO}
echo "See '<a href=system.html#SendmailCf>/etc/mail/sendmail.cf</a>' file in Section 2" >>& ${SPECIFICO}
echo '*********************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Script shows finger information
#
# Service Information Step 1
#
echo '<li><a href=specific.html#ServiceInformation3>Service Information</a>' >>& ${INDEXO}
echo '<a name=ServiceInformation3>' >>& ${SPECIFICO}
echo "Service Information Step 1" >>& ${SPECIFICO}
echo "See '<a href=system.html#ChkConfig>/sbin/chkconfig --list</a>' in Section 2" >>& ${SPECIFICO}
echo '**********************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Service Information Step 2
#
echo "Service Information Step 2" >>& ${SPECIFICO}
echo "Displaying /etc/xinetd.d/finger" >>& ${SPECIFICO}
echo '*******************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
cat /etc/xinetd.d/finger >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Script shows single command account information
#
# Single Command Accounts Step 1
#
echo '<li><a href=specific.html#SingleCommandAccounts3>Single Command Accounts</a>' >>& ${INDEXO}
echo '<a name=SingleCommandAccounts3>' >>& ${SPECIFICO}
echo "Single Command Accounts Step 1" >>& ${SPECIFICO}
echo "See '<a href=system.html#DisplayPasswdFile>/etc/passwd</a>' file in Section 2" >>& ${SPECIFICO}
echo '***********************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Single Command Accounts Step 2
#
echo "Single Command Accounts Step 2" >>& ${SPECIFICO}
echo "See '<a href=system.html#Shadow>/etc/shadow</a>' file in Section 2" >>& ${SPECIFICO}
echo '***********************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Script shows system boot loader password
#
# System Boot Loader Password Step 1
#
echo '<li><a href=specific.html#SysBoot>System Boot Loader Password</a>' >>& ${INDEXO}
echo '<a name=SysBoot>' >>& ${SPECIFICO}
echo "System Boot Loader Password Step 1" >>& ${SPECIFICO}
echo "Displaying /etc/lilo.conf | grep password" >>& ${SPECIFICO}
echo '*****************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
if ( -f /etc/lilo.conf ) then
cat /etc/lilo.conf | grep password >>& ${SPECIFICO}
else
echo "No /etc/lilo.conf file found" >>& ${SPECIFICO}
endif
echo '' >>& ${SPECIFICO}
# System Boot Loader Password Step 1
#
echo "System Boot Loader Password Step 1" >>& ${SPECIFICO}
echo "Displaying /etc/grub.conf | grep password" >>& ${SPECIFICO}
echo '*****************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
if ( -f /etc/grub.conf ) then
cat /etc/grub.conf | grep password >>& ${SPECIFICO}
else
echo "No /etc/grub.conf file found" >>& ${SPECIFICO}
endif
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Script shows user account information
#
# Temporary and Contractor Type Accounts Step 1
#
echo '<li><a href=specific.html#TempContract4>Temporary and Contractor Type Accounts</a>' >>& ${INDEXO}
echo '<a name=TempContract4>' >>& ${SPECIFICO}
echo "Temporary and Contractor Type Accounts Step 1" >>& ${SPECIFICO}
echo "See '<a href=system.html#Shadow>/etc/shadow</a>' file in Section 2" >>& ${SPECIFICO}
echo '***********************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Displays /etc/passwd file
#
# Unique User IDs Step 1
#
echo '<li><a href=specific.html#UniqueUserIds>Unique User IDs</a>' >>& ${INDEXO}
echo '<a name=UniqueUserIds>' >>& ${SPECIFICO}
echo "Unique User IDs Step 1" >>& ${SPECIFICO}
echo "See '<a href=system.html#DisplayPasswdFile>/etc/passwd</a>' file in Section 2" >>& ${SPECIFICO}
echo '***********************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Script displays configurations of local and network services
#
# Unnecessary Services Step 1
#
echo '<li><a href=specific.html#UnecessaryServices4>Unecessary Services</a>' >>& ${INDEXO}
echo '<a name=UnecessaryServices4>' >>& ${SPECIFICO}
echo "Unnecessary Services Step 1" >>& ${SPECIFICO}
echo "See '<a href=system.html#ChkConfig>/sbin/chkconfig --list</a>' in Section 2" >>& ${SPECIFICO}
echo '**********************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Unnecessary Services Step 1
#
echo "Unnecessary Services Step 1" >>& ${SPECIFICO}
echo "See '<a href=system.html#Netstat>netstat -a</a>' file in Section 2" >>& ${SPECIFICO}
echo '**********************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Unnecessary Services Step 1
#
echo "Unnecessary Services Step 1" >>& ${SPECIFICO}
echo "See '<a href=system.html#Ifconfig>ifconfig -a</a>' file in Section 2" >>& ${SPECIFICO}
echo '***********************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Script shows permissions and contents of at.deny and at.allow, if they exist
#
# Use of AT and BATCH Commands Step 1
#
echo '<li><a href=specific.html#AtBatch4>Use of AT and BATCH Commands</a>' >>& ${INDEXO}
echo '<a name=AtBatch4>' >>& ${SPECIFICO}
echo "Use of AT and BATCH Commands Step 1" >>& ${SPECIFICO}
echo "See '<a href=system.html#ChkConfig>/sbin/chkconfig --list</a>' in Section 2" >>& ${SPECIFICO}
echo '**********************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Use of AT and BATCH Commands Step 2
#
echo "Use of AT and BATCH Commands Step 2" >>& ${SPECIFICO}
echo "Displaying permissions of /etc/at.deny" >>& ${SPECIFICO}
echo '**************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
if ( -f /etc/at.deny ) then
/bin/ls -al /etc/at.deny >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo "Use of AT and BATCH Commands Step 2" >>& ${SPECIFICO}
echo "Displaying /etc/at.deny" >>& ${SPECIFICO}
echo '***********************' >>& ${SPECIFICO}
/bin/cat /etc/at.deny >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
else
echo "No /etc/at.deny file found" >>& ${SPECIFICO}
endif
echo '' >>& ${SPECIFICO}
# Use of AT and BATCH Commands Step 2
#
echo "Use of AT and BATCH Commands Step 2" >>& ${SPECIFICO}
echo "Displaying permissions of /etc/at.allow" >>& ${SPECIFICO}
echo '***************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
if ( -f /etc/at.allow ) then
/bin/ls -al /etc/at.allow >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo "Use of AT and BATCH Commands Step 1" >>& ${SPECIFICO}
echo "Displaying /etc/at.allow" >>& ${SPECIFICO}
echo '*********************************' >>& ${SPECIFICO}
/bin/cat /etc/at.allow >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
else
echo "No /etc/at.allow file found" >>& ${SPECIFICO}
endif
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Script shows Crontab command usage
#
# Use of CRONTAB Command Step 1
#
echo '<li><a href=specific.html#Crontab3>Use of CRONTAB Command</a>' >>& ${INDEXO}
echo '<a name=Crontab3>' >>& ${SPECIFICO}
echo "Use of CRONTAB Command Step 1" >>& ${SPECIFICO}
echo "See '<a href=system.html#ChkConfig>/sbin/chkconfig --list</a>' in Section 2" >>& ${SPECIFICO}
echo '**********************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Use of CRONTAB Command Step 2
#
echo "Use of CRONTAB Command Step 2" >>& ${SPECIFICO}
echo "Displaying permissions of /etc/cron*" >>& ${SPECIFICO}
echo '*************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
/bin/ls -al /etc/cron* >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Use of CRONTAB Command Step 2
#
echo "Use of CRONTAB Command Step 2" >>& ${SPECIFICO}
echo "Displaying permissions of /var/spool/cron*" >>& ${SPECIFICO}
echo '*******************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
/bin/ls -al /var/spool/cron* >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Script displays configuration of sendmail
#
# Use of Sendmail Step 1
#
echo '<li><a href=specific.html#UseOfSendmail4>Use of Sendmail</a>' >>& ${INDEXO}
echo '<a name=UseOfSendmail4>' >>& ${SPECIFICO}
echo "Use of Sendmail Step 1" >>& ${SPECIFICO}
echo "Displaying /sbin/service sendmail status" >>& ${SPECIFICO}
echo '****************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
/sbin/service sendmail status >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Use of Sendmail Step 1
#
echo "Use of Sendmail Step 1" >>& ${SPECIFICO}
echo "See '<a href=system.html#ChkConfig>/sbin/chkconfig --list</a>' in Section 2" >>& ${SPECIFICO}
echo '**********************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Script displays configuration of SNMP
#
# Use of SNMP Step 1
#
echo '<li><a href=specific.html#UseOfSnmp2>Use of SNMP</a>' >>& ${INDEXO}
echo '<a name=UseOfSnmp2>' >>& ${SPECIFICO}
echo "Use of SNMP Step 1" >>& ${SPECIFICO}
echo "Displaying /sbin/service snmpd status" >>& ${SPECIFICO}
echo '*************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
/sbin/service snmpd status >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Use of SNMP Step 1
#
echo "Use of SNMP Step 1" >>& ${SPECIFICO}
echo "Displaying /sbin/service snmptrapd status" >>& ${SPECIFICO}
echo '*****************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
/sbin/service snmptrapd status >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Use of SNMP Step 1
#
echo "Use of SNMP Step 1" >>& ${SPECIFICO}
echo "See '<a href=system.html#ChkConfig>/sbin/chkconfig --list</a>' in Section 2" >>& ${SPECIFICO}
echo '**********************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Script shows world writeable directories
#
# Use of Sticky Bit Step 1
#
echo '<li><a href=specific.html#UseOfSticky>Use of Sticky Bit</a>' >>& ${INDEXO}
echo '<a name=UseOfSticky>' >>& ${SPECIFICO}
echo "Use of the Sticky Bit Step 1" >>& ${SPECIFICO}
echo "See '<a href=system.html#WorldWriteableDirs>world writable directories</a>' in Section 2" >>& ${SPECIFICO}
echo '*********************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Displays existence of SUID and SGID files
#
# Use of SUID and SGID Programs Step 1
#
echo '<li><a href=specific.html#UseOfSuid>Use of SUID and SGID Programs</a>' >>& ${INDEXO}
echo '<a name=UseOfSuid>' >>& ${SPECIFICO}
echo "Use of SUID and SGID Programs Step 1" >>& ${SPECIFICO}
echo "See '<a href=system.html#SUID>SUID</a>' files in Section 2" >>& ${SPECIFICO}
echo '*****************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Use of SUID and SGID Programs Step 1
#
echo "Use of SUID and SGID Programs Step 1" >>& ${SPECIFICO}
echo "See '<a href=system.html#SUID>SGID</a>' files in Section 2" >>& ${SPECIFICO}
echo '*****************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Script looks for TCP wrappers
#
# Use of TCP Wrappers Step 1
#
echo '<li><a href=specific.html#UseOfTcpWrap3>Use of TCP Wrappers</a>' >>& ${INDEXO}
echo '<a name=UseOfTcpWrap3>' >>& ${SPECIFICO}
echo "Use of TCP Wrappers Step 1" >>& ${SPECIFICO}
echo "Displaying permissions of /etc/xinetd.d directory" >>& ${SPECIFICO}
echo '*************************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
/bin/ls -al /etc/xinetd.d >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Use of TCP Wrappers Step 2
#
echo "Use of TCP Wrappers Step 2" >>& ${SPECIFICO}
echo "Displaying contents of every file in /etc/xinetd.d directory" >>& ${SPECIFICO}
echo '************************************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
cat /etc/xinetd.d/* >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Script checks TFTP configuration
#
# Use of TFTP Step 1
#
echo '<li><a href=specific.html#UseOfTftp3>Use of TFTP</a>' >>& ${INDEXO}
echo '<a name=UseOfTftp3>' >>& ${SPECIFICO}
echo "Use of TFTP Step 1" >>& ${SPECIFICO}
echo "Displaying /etc/xinetd.d/tftp" >>& ${SPECIFICO}
echo '*****************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
cat /etc/xinetd.d/tftp >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Displays /etc/passwd file
#
# User and Group ID Numbers Step 1
#
echo '<li><a href=specific.html#UserID>User and Group ID Numbers</a>' >>& ${INDEXO}
echo '<a name=UserID>' >>& ${SPECIFICO}
echo "User and Group ID Numbers Step 1" >>& ${SPECIFICO}
echo "See '<a href=system.html#Passwd>/etc/passwd</a>' file in Section 2" >>& ${SPECIFICO}
echo '***********************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Displays /etc/passwd file
#
# User Description Step 1
#
echo '<li><a href=specific.html#UserDescription>User Description</a>' >>& ${INDEXO}
echo '<a name=UserDescription>' >>& ${SPECIFICO}
echo "User Description Step 1" >>& ${SPECIFICO}
echo "<a href=system.html#DisplayPasswdFile>See '/etc/passwd</a>' file in Section 2" >>& ${SPECIFICO}
echo '***********************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Displays /etc/passwd file
#
# User Home Directory Step 1
#
echo '<li><a href=specific.html#UserHome>User Home Directory</a>' >>& ${INDEXO}
echo '<a name=UserHome>' >>& ${SPECIFICO}
echo "User Home Directory Step 1" >>& ${SPECIFICO}
echo "See '<a href=system.html#DisplayPasswdFile>/etc/passwd</a>' file in Section 2" >>& ${SPECIFICO}
echo '***********************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Displays /etc/passwd file
#
# User ID Naming Convention Step 1
#
echo '<li><a href=specific.html#UserIdNamingConvention>User ID Naming Convention</a>' >>& ${INDEXO}
echo '<a name=UserIdNamingConvention>' >>& ${SPECIFICO}
echo "User ID Naming Convention Step 1" >>& ${SPECIFICO}
echo "See '<a href=system.html#DisplayPasswdFile>/etc/passwd</a>' file in Section 2" >>& ${SPECIFICO}
echo '***********************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Script checks for user shells
#
# User Shells Step 1
#
echo '<li><a href=specific.html#UserShells3>User Shells</a>' >>& ${INDEXO}
echo '<a name=UserShells3>' >>& ${SPECIFICO}
echo "User Shells Step 1" >>& ${SPECIFICO}
echo "See '<a href=system.html#Shells>/etc/shells</a>' file in Section 2" >>& ${SPECIFICO}
echo '***********************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# User Shells Step 2
#
echo "User Shells Step 2" >>& ${SPECIFICO}
echo "See '<a href=system.html#DisplayPasswdFile>/etc/passwd</a>' file in Section 2" >>& ${SPECIFICO}
echo '***********************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Script checks if UUCP is used
#
# UUCP Usage Step 1
#
echo '<li><a href=specific.html#UucpUse4>UUCP Usage</a>' >>& ${INDEXO}
echo '<a name=UucpUse4>' >>& ${SPECIFICO}
echo "UUCP Usage Step 1" >>& ${SPECIFICO}
echo "Displaying /bin/rpm -qa | grep uucp" >>& ${SPECIFICO}
echo '***********************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
/bin/rpm -qa | grep uucp >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# UUCP Usage Step 2
#
echo "UUCP Usage Step 2" >>& ${SPECIFICO}
echo "See '<a href=system.html#Shadow>/etc/shadow</a>' file in Section 2" >>& ${SPECIFICO}
echo '***********************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# UUCP Usage Step 3
#
echo "UUCP Usage Step 3" >>& ${SPECIFICO}
echo "See '<a href=system.html#ChkConfig>/sbin/chkconfig --list</a>' in Section 2" >>& ${SPECIFICO}
echo '**********************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# UUCP Usage Step 4
#
echo "UUCP Usage Step 4" >>& ${SPECIFICO}
echo "Displaying contents of /etc/uucp/*" >>& ${SPECIFICO}
echo '**********************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
/bin/cat /etc/uucp/* >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Script shows user account information
#
# X-Windows Started At Boot Step 1
#
echo '<li><a href=specific.html#XWinBoot>X-Windows Started At Boot Time</a>' >>& ${INDEXO}
echo '<a name=XWinBoot>' >>& ${SPECIFICO}
echo "X-Windows Started At Boot Step 1" >>& ${SPECIFICO}
echo "Displaying /etc/inittab | grep initdefault" >>& ${SPECIFICO}
echo '******************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
cat /etc/inittab | grep initdefault >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Script shows user account information
#
# X-Windows Tunneling Over SSH Step 1
#
echo '<li><a href=specific.html#XWinTunnel>X-Windows Tunneling Over SSH</a>' >>& ${INDEXO}
echo '<a name=XWinTunnel>' >>& ${SPECIFICO}
echo "X-Windows Started At Boot Step 1" >>& ${SPECIFICO}
echo "Displaying /etc/ssh/sshd_config | grep X11Forwarding" >>& ${SPECIFICO}
echo '****************************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
cat /etc/ssh/sshd_config | grep X11Forwarding >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopOfIndex>Return to Report</a>' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# Script checks if X-windows is used
#
# X-Windows Usage Step 1
#
echo '<li><a href=specific.html#XWinUse>X-Windows Usage</a>' >>& ${INDEXO}
echo '<a name=XWinUse>' >>& ${SPECIFICO}
echo "X-Windows Usage Step 1" >>& ${SPECIFICO}
echo "See '<a href=system.html#Netstat>netstat -an</a>' file in Section 2" >>& ${SPECIFICO}
echo '************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# X-Windows Usage Step 2
#
echo "X-Windows Usage Step 2" >>& ${SPECIFICO}
echo "Displaying files that allow X-windows sessions" >>& ${SPECIFICO}
echo '**********************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
find / \( -fstype nfs -prune \) -o -name 'X*.hosts' -exec ls -la {} \; -exec cat {} \; >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
# X-Windows Usage Step 3
#
echo "X-Windows Usage Step 3" >>& ${SPECIFICO}
echo "Displaying permissions of /usr/X11R6/bin/xhost" >>& ${SPECIFICO}
echo '**********************************************' >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
/bin/ls -l /usr/X11R6/bin/xhost >>& ${SPECIFICO}
echo '' >>& ${SPECIFICO}
echo '<a href=index.html#TopO
No comments:
Post a Comment