Tests  
List of tests that are implemented in HnTool
Updated Oct 24, 2010 by linux.r...@gmail.com

The following tests are implemented in HnTool:

MySQL checks

  • Check if MySQL configuration files are not found
  • Check if using default password
  • Check if using default database
  • Check if using anonymous user
  • Check if using Infile configuration

Apache config file

  • Check if Apache configuration files are not found
  • Check if ServerTokens is using a harmful configuration
  • Check if KeepAlive is set to On
  • Check if ServerSignature is set to Off
  • Check if LimitRequestBody is bigger than 0
  • Check if LimitRequestFields is bigger than 0
  • Check if LimitRequestFieldsize is equal to 8190
  • Check if LimitRequestLine is equal to 8190
  • Check if Timeout is less than 300
  • Check if permissions on .htpasswd file are correct

Users, groups and authentications

  • Check if permissions on shadow file are correct
  • Check if permissions on passwd file are correct
  • Check if there are users (other than root) with UID 0
  • Search for harmful shells
  • Check permissions on home directories
  • Check if passwords expire in 90 days or more
  • Check if Single-User Mode requires authentication

Checks filesystems for security problems

  • Check if the locate database can be found
  • Check if we find old files (+30 days) in /tmp
  • Check if we find old files (+30 days) in /var/db/locate.database

Checks security problems on php config file

  • Check if Register globals is on
  • Check if Safe mode is on (fake security)
  • Check if Display errors is on (stdout)
  • Check if Expose PHP is on

Checks for open ports

  • Check if we can find any device with executable rights
  • Check if we can find any open port

Check security problems on PostgreSQL configuration files

  • Check if trusted local Unix authentication is allowed
  • Check if the server is running on default port
  • Check if the server is running with SSL

Checks for services with remote access allowed

  • Check if, by default, services are rejecting connections

Checks security problems on sshd config file

  • Check if root access is allowed
  • Check if SSH is using protocol v2
  • Check if empty passwords are allowed
  • Check if X11 forward is allowed
  • Check if TCP forwarding is allowed
  • Check if SSH is using the default port

Checks security problems on system-wide configuration

  • Check if Core dumps are disabled
  • Check if ExecShield is enabled
  • Check if GRUB asks for a password
  • Check permissions on /boot/grub/menu.lst
  • Check if Single-User mode requires authentication
