Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!wuarchive!gem.mps.ohio-state.edu!tut.cis.ohio-state.edu!ucbvax!ucdavis!uop!cheers!greg
From: greg@cheers.uucp (Greg Onufer)
Newsgroups: comp.unix.wizards
Subject: Re: What should go into a security-checking shell script?
Message-ID: <1TDnkx#VBnsh=greg@cheers.UUCP>
Date: 24 Oct 89 17:50:17 GMT
References: <363@nisca.ircc.ohio-state.edu>
Distribution: usa
Lines: 19

A few things to think about:
- Compare checksums of all vendor-supplied executables with
  known-correct checksums.
- Use find(1) to search the disks for set-uid and set-gid
  executables as well as special devices (since they can only be
  made by root).
- Check the validity of root's dot-files (incl. root's default PATH).
- Validate the permissions of all important configuration files
  (/etc/passwd, /etc/group, /etc/{tty,ini}tab, UUCP L.sys/Systems
  files, etc).
- Check that all users have passwords, even going as far as checking
  against the system dictionary to determine if existing passwords
  are "easy" to break.

That's most of the checking I do locally, more ideas would be welcome!

Cheers!greg (Greg Onufer, cheers!greg@lll-winken.llnl.gov)
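
Four of the checks listed in the post above (set-uid/set-gid and device files, configuration file permissions, empty passwords, root's PATH), written as POSIX shell functions. This is an added example, not part of the original post. The function names, the "audit" argument and the choice to pass directories and files as arguments are assumptions made here so the checks can be run against a test tree.

```shell
#!/bin/sh
# Added example: audit functions for checks named in the post.
# All function names are hypothetical; targets are passed as arguments.

# Print set-uid/set-gid regular files and device special files under $1.
find_privileged() {
    find "$1" -xdev \( -type f \( -perm -4000 -o -perm -2000 \) \
        -o -type b -o -type c \) -print 2>/dev/null
}

# Print each named file that is writable by group or other.
# -H makes find test the target of a symlink, not the link itself.
find_loose_perms() {
    for f in "$@"; do
        [ -e "$f" ] || continue
        find -H "$f" -prune \( -perm -020 -o -perm -002 \) -print
    done
}

# Print account names whose password field is empty in a passwd-format
# file. On systems with shadow passwords, pass the shadow file instead.
find_empty_passwords() {
    awk -F: '$1 != "" && $2 == "" { print $1 }' "$1"
}

# Print unsafe entries of a PATH string: an empty entry or "." (both mean
# the current directory), and any entry that is not an absolute path.
find_unsafe_path_entries() {
    printf '%s\n' "$1" | awk -F: '{
        for (i = 1; i <= NF; i++) {
            if ($i == "" || $i == ".") print "(current directory)"
            else if ($i !~ /^\//) print $i
        }
    }'
}

# Run against the live system only when invoked with the argument "audit".
if [ "${1:-}" = "audit" ]; then
    find_privileged /
    find_loose_perms /etc/passwd /etc/group /etc/inittab
    find_empty_passwords /etc/passwd
    find_unsafe_path_entries "$PATH"
fi
```

Run as root with `audit` so find(1) can read every directory; each function prints only findings, so empty output means that check passed.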