Friday, May 11, 2012

Audit Me



Hey everyone! So today was a pretty cool day; I got a lot of work done on the next version of AuditMe, which is shaping up really well in my humble opinion.

There will be a major cosmetic overhaul (hey I’m not a UI designer so sue me!) and some new functionality.

The latest version of AuditMe will include deeper service configuration auditing, better mandatory access control audits (thanks for the tip Carlos!) and a nifty feature incorporated from another script I discovered called checksec, which is available from trapkit.de, that audits kernel tuning and memory protection features (ASLR, NX etc.) in Linux.


I’m stoked about this project and I really hope I can make this thing go somewhere. That being said, if my horrid Python skills are willing, it will ;-)









Lately several people on Ubuntu Forums have been wondering if there is a simple utility to audit weak system configurations. I couldn’t find one specifically tailored to Ubuntu so I hacked one up in a few hours over the weekend.

Incidentally it’s become something interesting to me and a project I will probably continue for the foreseeable future.

Audit Me is designed to find weak service and system configurations (or defaults) in Ubuntu. It’s targeted toward the server side of the house, though I may eventually add support for desktop features like auditing of browser security.

Below are some screenshots of some of AuditMe’s features.
To find out more about AuditMe click here

 

Introducing…Audit Me


Audit Me is a small Python program designed to quickly give Ubuntu system administrators and users an overview of their system’s security stance. It looks for default configurations, weak configurations, weak password hashes, services you might not know are running, inherently insecure services, configuration (or lack thereof) of mandatory access controls and weak file permissions.
Note: in order for Audit Me to audit AppArmor you must have apparmor-utils installed.

sudo apt-get install apparmor-utils
Download AuditMe v.1 : Here [right click save link as]
Usage:
sudo python auditme.py
or
sudo ./auditme.py

It’s fast, written in Python and free (like beer and freedom). Please note:
This software is provided free for you to use, change or throw away without any warranty of any kind. If it screws up your system (which it shouldn’t) it’s your fault not mine. I will support you with issues (though there shouldn’t be any) to the best of my ability. If you would like to report a bug please do so in the comments section on this page.

Audit Me (Alpha) v.1 Released

This is in its very beginning stages, and is probably a little rough around the edges, though it’s still pretty effective.
Features include
+ Auditing of weak service configurations (for Apache and SSH, with more services to be added)
+ Password Auditing (checks only the hash strength NOT the password strength)
+ Auditing of Mandatory Access Controls
+ Auditing of File Permissions
+ Auditing of Kernel Tuning
+ Detect insecure services
In the Future :
+ More configuration auditing
+ Deeper file permission auditing
+ Password entropy auditing
+ Firewall Auditing
+ IDS Auditing
+ Deeper Kernel auditing and process memory protection auditing.
+ Support for SELinux context auditing
+ Support for Apparmor profile auditing
+ File Integrity Checking
+ Report Generation
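
To illustrate the "Password Auditing" feature above (hash strength, not password strength), here is an added example that is not AuditMe's own code: it reads shadow-format lines and rates only the crypt(3) scheme identifier in the password field. The function names, the ratings and the sample lines are assumptions made for this example.

```python
# Added example, not AuditMe's code. Ratings are this example's assumption.
# Maps the crypt(3) scheme id in a shadow password field to (name, rating).
SCHEMES = {
    "1": ("MD5-crypt", "weak"),
    "2a": ("bcrypt", "ok"), "2b": ("bcrypt", "ok"), "2y": ("bcrypt", "ok"),
    "5": ("SHA-256-crypt", "ok"),
    "6": ("SHA-512-crypt", "ok"),
    "y": ("yescrypt", "ok"),
}

def classify(field):
    """Rate the hashing scheme of one shadow password field."""
    if field == "":
        return ("no password set", "weak")
    if field[0] in "!*":
        return ("locked", "n/a")          # account cannot log in by password
    if field.startswith("$"):
        parts = field.split("$")
        ident = parts[1] if len(parts) > 2 else ""
        return SCHEMES.get(ident, ("unknown scheme", "review"))
    if field.startswith("_") or len(field) == 13:
        return ("DES-based crypt", "weak")  # no $id$ prefix: legacy DES
    return ("unrecognised", "review")

def audit_shadow(lines):
    """Return [(user, scheme, rating)] for shadow-format lines."""
    findings = []
    for line in lines:
        fields = line.strip().split(":")
        if len(fields) < 2 or fields[0].startswith("#"):
            continue
        findings.append((fields[0],) + classify(fields[1]))
    return findings

# Constructed sample input; the hash bodies are placeholders, not real hashes.
SAMPLE = [
    "alice:$6$CONSTRUCTEDSALT$CONSTRUCTEDHASH:15471:0:99999:7:::",
    "bob:$1$CONSTRUCTEDSALT$CONSTRUCTEDHASH:15471:0:99999:7:::",
    "carol:abCONSTRUCTED:15471:0:99999:7:::",
    "daemon:*:15471:0:99999:7:::",
    "dave::15471:0:99999:7:::",
]

if __name__ == "__main__":
    # On a real system, pass open("/etc/shadow") instead (needs root).
    for user, scheme, rating in audit_shadow(SAMPLE):
        print("%-8s %-16s %s" % (user, scheme, rating))
```

The check never looks at the password itself, so a strong scheme protecting a guessable password still rates "ok" here.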

