Buck-security – Security scanner for Ubuntu Servers

Sponsored Link
Buck-Security is a security scanner for Debian and Ubuntu Linux. It helps you to harden your system by running some important security checks. For example, it finds world-writable files and directories, setuid and setgid programs, superuser accounts, and installed attack tool packages. It also checks your umask and checks if the sticky bit is set for /tmp, among other checks.It was designed for Debian and Ubuntu servers, but can be useful for any Linux system.
By now the following tests are implemented:

* Searching for worldwriteable files
* Searching for worldwriteable directories
* Searching for programs where the setuid is set
* Searching for programs where the setgid is set
* Checking your umask
* Checking if the sticky-bit is set for /tmp
* Searching for superusers
* Checking firewall policies
* Checking if sshd is secured
* Creating and checking checksums of system programs
* Searching for installed attack tools packages

How to run Buck-security in Ubuntu servers

First you need to download latest version from here

unzip the the zip-file.

unzip buck-security_0.5.zip

To start the checks run the buck program (type ./buck while in the buck-security directory).

cd buck-security_0.5

sudo ./buck

For more information check buck security documentation

Sponsored Link

Related posts

11 thoughts on “Buck-security – Security scanner for Ubuntu Servers

  1. Great!
    I’ve missed something like that after I’ve migrated few years ago from Mandrake Linux (not Mandriva yet) to Ubuntu. There was something simmilar called msec. I’ve had to use few other applications which didn’t met my needs in 100%.

  2. Is there any plan in near future for repository with deb packages for Debian and Ubuntu?

  3. Bastille is a complete different kind of program, you cant compare it to buck-security.

    Bastille is a great tool, but an automated hardening tool which changes your system settings. On the other side buck-security seems to be a very useful security scanner which scans for important things like worldwriteable files, dirs, suids, …

    Probably you should use both

Leave a comment

Your email address will not be published. Required fields are marked *